GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
24 advisories
Improper Verification of Communication Channel in @theia/plugin-ext
Moderate. CVE-2021-41038 was published for @theia/plugin-ext (npm), Nov 15, 2021

SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
Moderate. CVE-2017-5591 was published for SleekXMPP (pip), May 13, 2022

Improper Verification of Source of a Communication Channel in Apache Tomcat
Moderate. CVE-2016-0763 was published for org.apache.tomcat:tomcat (Maven), May 14, 2022

usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Moderate. CVE-2022-4800 was published for github.com/usememos/memos (Go), Dec 28, 2022

usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Moderate. CVE-2022-4848 was published for github.com/usememos/memos (Go), Dec 29, 2022

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity...
High, Unreviewed. CVE-2023-3663 was published Aug 3, 2023

TouchLink packets processed after timeout or out of range due to Operation on a Resource after...
Critical, Unreviewed. CVE-2023-41094 was published Oct 4, 2023

Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for...
Critical, Unreviewed. CVE-2023-41355 was published Nov 3, 2023

TAIWAN-CA(TWCA) JCICSecurityTool's Registry-related functions have insufficient filtering for...
Moderate, Unreviewed. CVE-2023-48387 was published Dec 15, 2023

A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions),...
High, Unreviewed. CVE-2023-51440 was published Feb 13, 2024

An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks...
Moderate, Unreviewed. CVE-2024-0009 was published Feb 14, 2024

The TTLock App does not employ proper verification procedures to ensure that it is communicating...
Moderate, Unreviewed. CVE-2023-7004 was published Mar 15, 2024

Constellation has pods exposed to peers in VPC
High. GHSA-g8fc-vrcg-8vjg was published for github.com/edgelesssys/constellation/v2 (Go), Apr 15, 2024

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in...
Low, Unreviewed. CVE-2024-37663 was published Jun 17, 2024

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same...
Moderate, Unreviewed. CVE-2024-37662 was published Jun 17, 2024

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in...
Moderate, Unreviewed. CVE-2024-37661 was published Jun 17, 2024

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same...
Low, Unreviewed. CVE-2024-37664 was published Jun 17, 2024

An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service...
Moderate, Unreviewed. CVE-2024-40503 was published Jul 16, 2024

An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote...
High, Unreviewed. CVE-2024-40516 was published Jul 16, 2024

An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote...
Critical, Unreviewed. CVE-2024-40515 was published Jul 16, 2024

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical, Unreviewed. CVE-2024-38886 was published Aug 2, 2024

The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version...
High, Unreviewed. CVE-2024-1621 was published Sep 2, 2024

A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an...
Moderate, Unreviewed. CVE-2024-20390 was published Sep 11, 2024

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript...
High, Unreviewed. CVE-2024-49579 was published Oct 17, 2024

ProTip! Advisories are also available from the GraphQL API