Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

34 advisories

Loading
An Insufficient Integrity Verification vulnerability in the ASUS ROG peripheral driver... Moderate Unreviewed
CVE-2026-1878 was published Mar 12, 2026
Download of Code Without Integrity Check vulnerability in Microchip Time Provider 4100 allows... Moderate Unreviewed
CVE-2025-47904 was published Feb 24, 2026
The firmware update functionality does not verify the authenticity of the supplied firmware... Moderate Unreviewed
CVE-2025-15575 was published Feb 12, 2026
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco... Moderate Unreviewed
CVE-2026-20056 was published Feb 4, 2026
Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance... Moderate Unreviewed
CVE-2025-40604 was published Nov 20, 2025
An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL... Moderate Unreviewed
CVE-2024-47192 was published Aug 26, 2025
An exploit is possible where an actor with physical access can manipulate SPI flash without being... Moderate Unreviewed
CVE-2024-33660 was published Nov 12, 2024
Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows... Moderate Unreviewed
CVE-2024-39819 was published Jul 15, 2024
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a... Moderate Unreviewed
CVE-2023-5630 was published Dec 14, 2023
Artifact Hub has Incorrect Docker Hub registry check Moderate
CVE-2023-45821 was published for github.com/artifacthub/hub (Go) Oct 19, 2023
dejanzelic Credited to dejanzelic
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW. Moderate Unreviewed
CVE-2023-24500 was published Jul 6, 2023
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW. Moderate Unreviewed
CVE-2023-24503 was published Jul 6, 2023
Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function Moderate
CVE-2023-29401 was published for github.com/gin-gonic/gin (Go) May 12, 2023
adam-baxter_cbais Credited to adam-baxter_cbais, godwhoa, jetzlstorfer, danieljmt, and raph6 godwhoa godwhoa
jetzlstorfer jetzlstorfer danieljmt danieljmt raph6 raph6
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the... Moderate Unreviewed
CVE-2023-28317 was published May 10, 2023
An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application... Moderate Unreviewed
CVE-2023-28818 was published Mar 24, 2023
TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary... Moderate Unreviewed
CVE-2022-46428 was published Dec 20, 2022
TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute... Moderate Unreviewed
CVE-2022-46430 was published Dec 20, 2022
An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series... Moderate Unreviewed
CVE-2022-37908 was published Dec 12, 2022
Rapid7 Nexpose versions prior to 6.6.172 failed to reliably validate the authenticity of update... Moderate Unreviewed
CVE-2022-4261 was published Dec 8, 2022
A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services... Moderate Unreviewed
CVE-2022-38199 was published Oct 25, 2022
An arbitrary file download vulnerability in the downloadAction() function of Penta Security... Moderate Unreviewed
CVE-2022-31324 was published Sep 14, 2022
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop... Moderate Unreviewed
CVE-2022-24140 was published Jul 7, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur... Moderate Unreviewed
CVE-2021-30657 was published May 24, 2022
This issue was addressed with improved handling of file metadata. This issue is fixed in macOS... Moderate Unreviewed
CVE-2021-30658 was published May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur... Moderate Unreviewed
CVE-2021-30669 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database