Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
50
Go
3,606
Maven
5,000+
npm
5,000+
NuGet
924
pip
4,831
Pub
13
RubyGems
1,045
Rust
1,256
Swift
53
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration... Critical Unreviewed
CVE-2022-29898 was published May 12, 2022
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for... Critical Unreviewed
CVE-2017-15994 was published May 13, 2022
In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)... Critical Unreviewed
CVE-2022-31266 was published Jun 30, 2022
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware... Critical Unreviewed
CVE-2023-28386 was published May 22, 2023
DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access... Critical Unreviewed
CVE-2023-33668 was published Jul 12, 2023
In LiteSpeed QUIC (LSQUIC) Library before 4.0.4, DCID validation is mishandled. Critical Unreviewed
CVE-2024-25678 was published Feb 9, 2024
PHPECC vulnerable to multiple cryptographic side-channel attacks Critical
GHSA-346h-749j-r28w was published for mdanter/ecc (Composer) Apr 25, 2024
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can... Critical Unreviewed
CVE-2024-3596 was published Jul 9, 2024
A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A... Critical Unreviewed
CVE-2023-50738 was published Jan 17, 2025
This issue was addressed with improved handling of executable types. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24148 was published Apr 1, 2025
JWE is missing AES-GCM authentication tag validation in encrypted JWE Critical
CVE-2025-54887 was published for jwe (RubyGems) Aug 7, 2025
Sideni Credited to Sideni
Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors... Critical Unreviewed
CVE-2025-11543 was published Dec 22, 2025
nginx-ui Backup Restore Allows Tampering with Encrypted Backups Critical
CVE-2026-33026 was published for github.com/0xJacky/Nginx-UI (Go) Mar 30, 2026
dapickle Credited to dapickle
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database