Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,416
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,657
Pub
13
RubyGems
1,027
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

145 advisories

Loading
A vulnerability was identified in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This... High Unreviewed
CVE-2026-4478 was published Mar 20, 2026
JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker... High Unreviewed
CVE-2026-32294 was published Mar 17, 2026
The GL-iNet Comet (GL-RM1) KVM does not sufficiently verify the authenticity of uploaded firmware... High Unreviewed
CVE-2026-32290 was published Mar 17, 2026
Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions... High Unreviewed
CVE-2026-30798 was published Mar 5, 2026
An authenticated arbitrary file upload vulnerability in Cohesity TranZman Migration Appliance... High Unreviewed
CVE-2025-63910 was published Mar 3, 2026
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification... High Unreviewed
CVE-2026-2428 was published Feb 27, 2026
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport... High Unreviewed
CVE-2026-1642 was published Feb 4, 2026
eGovFramework/egovframe-common-components versions up to and including 4.3.1 includes Web Editor... High Unreviewed
CVE-2025-34337 was published Nov 19, 2025
A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an... High Unreviewed
CVE-2025-9379 was published Aug 24, 2025
In HDP Server versions below 4.6.2.2978 on Linux, unauthorized access could occur via IP spoofing... High Unreviewed
CVE-2025-6504 was published Jul 29, 2025
An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of... High Unreviewed
CVE-2025-30192 was published Jul 21, 2025
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162.... High Unreviewed
CVE-2025-7096 was published Jul 7, 2025
The executable file warning did not warn users before opening files with the `terminal` extension... High Unreviewed
CVE-2025-6426 was published Jun 26, 2025
The backup ZIPs are not signed by the application, leading to the possibility that an attacker... High Unreviewed
CVE-2025-49199 was published Jun 12, 2025
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized... High Unreviewed
CVE-2025-29842 was published May 13, 2025
Insufficient verification of data authenticity in some Intel(R) DSA software before version 23.4... High Unreviewed
CVE-2024-39805 was published Feb 13, 2025
Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This... High Unreviewed
CVE-2025-1108 was published Feb 7, 2025
There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD... High Unreviewed
CVE-2024-10237 was published Feb 4, 2025
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege... High Unreviewed
CVE-2024-8356 was published Nov 23, 2024
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to... High Unreviewed
CVE-2024-7847 was published Oct 14, 2024
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache... High Unreviewed
CVE-2023-28457 was published Sep 18, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84... High Unreviewed
CVE-2024-7979 was published Aug 21, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84... High Unreviewed
CVE-2024-7980 was published Aug 21, 2024
Windows Print Spooler Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38198 was published Aug 13, 2024
Windows DNS Spoofing Vulnerability High Unreviewed
CVE-2024-37968 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database