GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19 advisories
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an...
Moderate | Unreviewed | CVE-2024-20390 was published Sep 11, 2024

The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version...
High | Unreviewed | CVE-2024-1621 was published Sep 2, 2024

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical | Unreviewed | CVE-2024-38886 was published Aug 2, 2024

An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote...
Critical | Unreviewed | CVE-2024-40515 was published Jul 16, 2024

An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote...
High | Unreviewed | CVE-2024-40516 was published Jul 16, 2024

An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service...
Moderate | Unreviewed | CVE-2024-40503 was published Jul 16, 2024

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same...
Low | Unreviewed | CVE-2024-37664 was published Jun 17, 2024

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in...
Moderate | Unreviewed | CVE-2024-37661 was published Jun 17, 2024

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in...
Low | Unreviewed | CVE-2024-37663 was published Jun 17, 2024

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same...
Moderate | Unreviewed | CVE-2024-37662 was published Jun 17, 2024

Constellation has pods exposed to peers in VPC
High | GHSA-g8fc-vrcg-8vjg was published for github.com/edgelesssys/constellation/v2 (Go) | Apr 15, 2024

The TTLock App does not employ proper verification procedures to ensure that it is communicating...
Moderate | Unreviewed | CVE-2023-7004 was published Mar 15, 2024

An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks...
Moderate | Unreviewed | CVE-2024-0009 was published Feb 14, 2024

A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions),...
High | Unreviewed | CVE-2023-51440 was published Feb 13, 2024

usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Moderate | CVE-2022-4848 was published for github.com/usememos/memos (Go) | Dec 29, 2022

usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Moderate | CVE-2022-4800 was published for github.com/usememos/memos (Go) | Dec 28, 2022

Improper Verification of Source of a Communication Channel in Apache Tomcat
Moderate | CVE-2016-0763 was published for org.apache.tomcat:tomcat (Maven) | May 14, 2022

SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
Moderate | CVE-2017-5591 was published for SleekXMPP (pip) | May 13, 2022

Improper Verification of Communication Channel in @theia/plugin-ext
Moderate | CVE-2021-41038 was published for @theia/plugin-ext (npm) | Nov 15, 2021