Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

47 advisories

Loading
tlslite-ng off-by-one error on mac checking High
CVE-2018-1000159 was published for tlslite-ng (pip) Jul 12, 2018
Incomplete validation of shapes in multiple TF ops High
CVE-2021-41206 was published for tensorflow (pip) Nov 10, 2021
An issue was discovered in Listary through 6. Improper implementation of the update process leads... High Unreviewed
CVE-2021-41067 was published Dec 15, 2021
Execution Control List (ECL) Is Insecure in Singularity High
CVE-2020-13845 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
tri-adam
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
The DFX module has a vulnerability of improper validation of integrity check values.Successful... High Unreviewed
CVE-2022-22253 was published Apr 12, 2022
Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by... High Unreviewed
CVE-2020-14120 was published Apr 22, 2022
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed... High Unreviewed
CVE-2022-22781 was published Apr 29, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed
CVE-2018-6336 was published May 13, 2022
The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed
CVE-2017-3760 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed
CVE-2017-4961 was published May 13, 2022
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving... High Unreviewed
CVE-2019-11753 was published May 24, 2022
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a... High Unreviewed
CVE-2019-13496 was published May 24, 2022
Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before... High Unreviewed
CVE-2019-18672 was published May 24, 2022
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash.... High Unreviewed
CVE-2020-25862 was published May 24, 2022
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed
CVE-2020-28656 was published May 24, 2022
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration... High Unreviewed
CVE-2020-25758 was published May 24, 2022
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3... High Unreviewed
CVE-2021-20709 was published May 24, 2022
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed
CVE-2021-31913 was published May 24, 2022
Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers... High Unreviewed
CVE-2021-25388 was published May 24, 2022
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local... High Unreviewed
CVE-2020-4610 was published May 24, 2022
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-22442 was published May 24, 2022
When curl is instructed to download content using the metalink feature, thecontents is verified... High Unreviewed
CVE-2021-22922 was published May 24, 2022
Improper Validation of Integrity Check Value in go-tuf High
CVE-2022-29173 was published for github.com/theupdateframework/go-tuf (Go) May 24, 2022
rdimitrov
In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead... High Unreviewed
CVE-2022-21757 was published Jun 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database