GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,578

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

124 advisories

Filter by severity

Sort by

Least recently updated

Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5... High Unreviewed

CVE-2023-36541 was published Aug 8, 2023

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed

CVE-2023-3663 was published Aug 3, 2023

In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be... High Unreviewed

CVE-2022-48431 was published Jul 6, 2023

Rumpus - FTP server version 9.0.7.1 Improper Token Verification– vulnerability may allow... High Unreviewed

CVE-2022-46370 was published Jul 6, 2023

The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to... High Unreviewed

CVE-2023-30759 was published Jun 19, 2023

Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may... High Unreviewed

CVE-2023-34113 was published Jun 13, 2023

If an attacker can trick an authenticated user into loading a maliciously crafted .zip file onto... High Unreviewed

CVE-2023-2866 was published Jun 7, 2023

Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE)... High Unreviewed

CVE-2023-31502 was published May 12, 2023

A man in the middle can redirect traffic to a malicious server in a compromised configuration. High Unreviewed

CVE-2023-26467 was published Apr 11, 2023

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server... High Unreviewed

CVE-2023-27979 was published Mar 21, 2023

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server... High Unreviewed

CVE-2023-27977 was published Mar 21, 2023

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server... High Unreviewed

CVE-2023-27982 was published Mar 21, 2023

A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the... High Unreviewed

CVE-2017-20180 was published Mar 6, 2023

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network ... High Unreviewed

CVE-2023-22315 was published Jan 31, 2023

Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware... High Unreviewed

CVE-2022-30260 was published Dec 26, 2022

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to... High Unreviewed

CVE-2022-31877 was published Nov 28, 2022

Remote code execution vulnerability due to insufficient verification of URLs, etc. in... High Unreviewed

CVE-2022-41156 was published Nov 25, 2022

An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient,... High Unreviewed

CVE-2022-26122 was published Nov 2, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed

CVE-2022-36360 was published Oct 11, 2022

Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during... High Unreviewed

CVE-2022-38625 was published Aug 30, 2022

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353... High Unreviewed

CVE-2022-2793 was published Aug 20, 2022

The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity.... High Unreviewed

CVE-2022-30262 was published Aug 18, 2022

The recovery module has a vulnerability of bypassing the verification of an update package before... High Unreviewed

CVE-2022-37008 was published Aug 11, 2022

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom... High Unreviewed

CVE-2022-30269 was published Jul 27, 2022

The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the... High Unreviewed

CVE-2022-30272 was published Jul 27, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

124 advisories