GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
99 advisories
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can...
Critical
Unreviewed
CVE-2024-3596 was published Jul 9, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges...
Moderate
Unreviewed
CVE-2024-47255 was published Nov 5, 2024
Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious...
High
Unreviewed
CVE-2024-7402 was published Aug 14, 2025
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162....
High
Unreviewed
CVE-2025-7096 was published Jul 7, 2025
A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 product. An IEC 61850-8...
High
Unreviewed
CVE-2025-39203 was published Jun 24, 2025
In LiteSpeed QUIC (LSQUIC) Library before 4.0.4, DCID validation is mishandled.
Critical
Unreviewed
CVE-2024-25678 was published Feb 9, 2024
An improper validation of integrity check value vulnerability exists in AVEVA PI Connector for...
Moderate
Unreviewed
CVE-2025-4418 was published Jun 12, 2025
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi...
High
Unreviewed
CVE-2022-38955 was published Sep 21, 2022
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi...
Moderate
Unreviewed
CVE-2022-38956 was published Sep 21, 2022
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could...
Moderate
Unreviewed
CVE-2020-6228 was published May 24, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third...
High
Unreviewed
CVE-2018-6336 was published May 13, 2022
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for...
Critical
Unreviewed
CVE-2017-15994 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3...
High
Unreviewed
CVE-2017-4961 was published May 13, 2022
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate
Unreviewed
CVE-2025-3479 was published Apr 17, 2025
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and...
Moderate
Unreviewed
CVE-2025-3247 was published Apr 16, 2025
This issue was addressed with improved handling of executable types. This issue is fixed in macOS...
Critical
Unreviewed
CVE-2025-24148 was published Apr 1, 2025
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update...
Moderate
Unreviewed
CVE-2023-23120 was published Feb 2, 2023
An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2...
Moderate
Unreviewed
CVE-2024-47573 was published Mar 14, 2025
Improper Validation of Integrity Check Value vulnerability in TXOne Networks StellarProtect ...
Moderate
Unreviewed
CVE-2024-47935 was published Feb 17, 2025
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying...
Moderate
Unreviewed
CVE-2024-56169 was published Dec 18, 2024
A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A...
Critical
Unreviewed
CVE-2023-50738 was published Jan 17, 2025
There is an insufficient integrity vulnerability in Huawei products. A module does not perform...
Moderate
Unreviewed
CVE-2020-9210 was published Dec 27, 2024
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware...
Critical
Unreviewed
CVE-2023-28386 was published May 22, 2023
An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute...
High
Unreviewed
CVE-2024-51141 was published Nov 15, 2024
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16...
Moderate
Unreviewed
CVE-2024-49406 was published Nov 6, 2024