GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
19 advisories
An exploit is possible where an actor with physical access can manipulate SPI flash without being...
Moderate | Unreviewed | CVE-2024-33660 was published Nov 12, 2024

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint...
Moderate | Unreviewed | CVE-2021-3485 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
Moderate | Unreviewed | CVE-2020-1576 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly...
Moderate | Unreviewed | CVE-2020-1595 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
Moderate | Unreviewed | CVE-2020-1210 was published May 24, 2022

A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a...
Moderate | Unreviewed | CVE-2023-5630 was published Dec 14, 2023

A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local...
Moderate | Unreviewed | CVE-2017-12306 was published May 13, 2022

A remote file download issue can occur in some capabilities of Esri ArcGIS Server web services...
Moderate | Unreviewed | CVE-2022-38199 was published Oct 25, 2022

This issue was addressed with improved handling of file metadata. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2021-30658 was published May 24, 2022

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur...
Moderate | Unreviewed | CVE-2021-30669 was published May 24, 2022

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid...
Moderate | Unreviewed | CVE-2020-25266 was published May 24, 2022

TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary...
Moderate | Unreviewed | CVE-2022-46428 was published Dec 20, 2022

TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute...
Moderate | Unreviewed | CVE-2022-46430 was published Dec 20, 2022

Rapid7 Nexpose versions prior to 6.6.172 failed to reliably validate the authenticity of update...
Moderate | Unreviewed | CVE-2022-4261 was published Dec 8, 2022

In Tipask < 3.5.9, path parameters entered by the user are not validated when downloading...
Moderate | Unreviewed | CVE-2021-41714 was published May 24, 2022

An arbitrary file download vulnerability in the downloadAction() function of Penta Security...
Moderate | Unreviewed | CVE-2022-31324 was published Sep 14, 2022

IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop...
Moderate | Unreviewed | CVE-2022-24140 was published Jul 7, 2022

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur...
Moderate | Unreviewed | CVE-2021-30657 was published May 24, 2022

Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0)...
Moderate | Unreviewed | CVE-2020-8468 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.