Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,891
Erlang
24
GitHub Actions
39
Go
2,240
Maven
2,698
npm
2,899
NuGet
500
pip
2,728
Pub
5
RubyGems
364
Rust
889
Swift
19
Unreviewed advisories
All unreviewed
5,000+

33 advisories

Loading
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed
CVE-2018-6336 was published May 13, 2022
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a... High Unreviewed
CVE-2019-13496 was published May 24, 2022
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed
CVE-2020-28656 was published May 24, 2022
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed
CVE-2021-31913 was published May 24, 2022
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C... High Unreviewed
CVE-2021-37182 was published Jun 15, 2022
OpenZeppelin Contracts vulnerable to ECDSA signature malleability High
CVE-2022-35961 was published for @openzeppelin/contracts (npm) Aug 18, 2022
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full... High Unreviewed
CVE-2022-29549 was published Aug 19, 2022
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi... High Unreviewed
CVE-2022-38955 was published Sep 21, 2022
All firmware versions of the NPort 5000 Series are affected by an improper validation of... High Unreviewed
CVE-2023-4929 was published Oct 3, 2023
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream... High Unreviewed
CVE-2022-24404 was published Oct 19, 2023
AsyncSSH Rogue Session Attack High
CVE-2023-46446 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor Credited to TrueSkrillor and lambdafu lambdafu lambdafu
A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers... High Unreviewed
CVE-2023-36650 was published Dec 12, 2023
github.com/containers/image allows unexpected authenticated registry accesses High
CVE-2024-3727 was published for github.com/containers/image (Go) May 14, 2024
RTann Credited to RTann
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0... High Unreviewed
CVE-2023-33206 was published Aug 8, 2024
Apache MINA SSHD: integrity check bypass High
CVE-2024-41909 was published for org.apache.sshd:sshd-common (Maven) Aug 12, 2024
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the... High Unreviewed
CVE-2024-47089 was published Sep 19, 2024
secp256k1-node allows private key extraction over ECDH High
CVE-2024-48930 was published for secp256k1 (npm) Oct 21, 2024
ChALkeR Credited to ChALkeR and jprichardson jprichardson jprichardson
Rebuilding a run with revoked script approval allowed by Jenkins Pipeline: Groovy Plugin High
CVE-2024-52550 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Nov 13, 2024
An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute... High Unreviewed
CVE-2024-51141 was published Nov 15, 2024
A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8... High Unreviewed
CVE-2025-39203 was published Jun 24, 2025
electron ASAR Integrity bypass by just modifying the content High
CVE-2024-46992 was published for electron (npm) Jun 30, 2025
Just-Hack-For-Fun Credited to Just-Hack-For-Fun
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162.... High Unreviewed
CVE-2025-7096 was published Jul 7, 2025
Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious... High Unreviewed
CVE-2024-7402 was published Aug 14, 2025
Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass High
CVE-2026-26275 was published for httpsig-hyper (Rust) Feb 17, 2026
divi255 Credited to divi255
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database