Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,193
Erlang
25
GitHub Actions
39
Go
2,385
Maven
3,027
npm
3,078
NuGet
529
pip
2,897
Pub
5
RubyGems
442
Rust
905
Swift
20
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover... Moderate Unreviewed
CVE-2026-5504 was published Apr 10, 2026
rPGP's integrity protection of encrypted data was not always checked Moderate
GHSA-c7ph-f7jm-xv4w was published for pgp (Rust) Feb 13, 2026
go-git improperly verifies data integrity values for .idx and .pack files Moderate
CVE-2026-25934 was published for github.com/go-git/go-git/v5 (Go) Feb 10, 2026
N0zoM1z0 Credited to N0zoM1z0
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause... Moderate Unreviewed
CVE-2025-33193 was published Nov 25, 2025
An improper validation of integrity check value vulnerability exists in AVEVA PI Connector for... Moderate Unreviewed
CVE-2025-4418 was published Jun 12, 2025
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... Moderate Unreviewed
CVE-2025-3479 was published Apr 17, 2025
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and... Moderate Unreviewed
CVE-2025-3247 was published Apr 16, 2025
An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2... Moderate Unreviewed
CVE-2024-47573 was published Mar 14, 2025
Improper Validation of Integrity Check Value vulnerability in TXOne Networks StellarProtect ... Moderate Unreviewed
CVE-2024-47935 was published Feb 17, 2025
There is an insufficient integrity vulnerability in Huawei products. A module does not perform... Moderate Unreviewed
CVE-2020-9210 was published Dec 27, 2024
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying... Moderate Unreviewed
CVE-2024-56169 was published Dec 18, 2024
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16... Moderate Unreviewed
CVE-2024-49406 was published Nov 6, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges... Moderate Unreviewed
CVE-2024-47255 was published Nov 5, 2024
In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to... Moderate Unreviewed
CVE-2024-49875 was published Oct 21, 2024
OpenStack Ironic fails to verify checksums of supplied image_source URLs Moderate
CVE-2024-47211 was published for ironic (pip) Oct 4, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ... Moderate Unreviewed
CVE-2024-45789 was published Sep 11, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during... Moderate Unreviewed
CVE-2023-24063 was published Aug 8, 2024
An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It... Moderate Unreviewed
CVE-2024-31958 was published Jun 7, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2023-41970 was published May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2024-23461 was published May 2, 2024
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to... Moderate Unreviewed
CVE-2023-42143 was published Jan 23, 2024
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin Moderate
CVE-2023-48795 was published for golang.org/x/crypto (Go) Dec 18, 2023
TrueSkrillor Credited to TrueSkrillor, lambdafu, sugar700, and levpachmanov lambdafu lambdafu
sugar700 sugar700 levpachmanov levpachmanov
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an... Moderate Unreviewed
CVE-2023-28802 was published Nov 21, 2023
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through... Moderate Unreviewed
CVE-2023-28002 was published Nov 14, 2023
AsyncSSH Rogue Extension Negotiation Moderate
CVE-2023-46445 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor Credited to TrueSkrillor and lambdafu lambdafu lambdafu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database