GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,614
Maven: 5,000+
npm: 4,254
NuGet: 760
pip: 4,031
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

160 advisories

Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or...
High | Unreviewed | CVE-2025-34503 was published Oct 25, 2025

An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS...
High | Unreviewed | CVE-2025-46774 was published Oct 14, 2025

E3 Site Supervisor Control (firmware version < 2.31F01) firmware upgrade packages are unsigned....
High | Unreviewed | CVE-2025-52550 was published Oct 1, 2025

An insufficiently secured internal function allows session generation for arbitrary users. The...
High | Unreviewed | CVE-2025-30064 was published Aug 27, 2025

A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that...
High | Unreviewed | CVE-2025-4371 was published Aug 18, 2025

A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0...
High | Unreviewed | CVE-2025-40758 was published Aug 14, 2025

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly...
High | Unreviewed | CVE-2025-47827 was published Jun 5, 2025

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions), SiPass...
High | Unreviewed | CVE-2022-31807 was published May 23, 2025

Improper verification of cryptographic signature in Microsoft Azure Functions allows an...
High | Unreviewed | CVE-2025-33074 was published Apr 30, 2025

CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution...
High | Unreviewed | CVE-2025-2764 was published Apr 23, 2025

MSI Center before 2.0.52.0 has Missing PE Signature Validation.
High | Unreviewed | CVE-2025-27813 was published Apr 10, 2025

Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass...
High | Unreviewed | CVE-2025-2233 was published Mar 12, 2025

A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for...
High | Unreviewed | CVE-2025-20206 was published Mar 5, 2025

Improper signature verification in Ivanti EPM before the 2024 January-2025 Security Update and...
High | Unreviewed | CVE-2024-13172 was published Jan 14, 2025

A library injection vulnerability exists in Microsoft Teams (work or school) 24046.2813.2770.1094...
High | Unreviewed | CVE-2024-42004 was published Dec 19, 2024

A library injection vulnerability exists in Microsoft OneNote 16.83 for macOS. A specially...
High | Unreviewed | CVE-2024-41159 was published Dec 19, 2024

A library injection vulnerability exists in the WebView.app helper app of Microsoft Teams (work...
High | Unreviewed | CVE-2024-41145 was published Dec 19, 2024

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of...
High | Unreviewed | CVE-2024-41138 was published Dec 19, 2024

A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially...
High | Unreviewed | CVE-2024-39804 was published Dec 19, 2024

A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. A specially...
High | Unreviewed | CVE-2024-42220 was published Dec 19, 2024

A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted...
High | Unreviewed | CVE-2024-41165 was published Dec 19, 2024

A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted...
High | Unreviewed | CVE-2024-43106 was published Dec 19, 2024

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A...
High | Unreviewed | CVE-2024-22461 was published Dec 13, 2024

This vulnerability exists in the TP-Link Archer C50 due to improper signature verification...
High | Unreviewed | CVE-2024-54126 was published Dec 5, 2024

Dell NetWorker Management Console, version(s) 19.11, contain(s) an Improper Verification of...
High | Unreviewed | CVE-2024-47476 was published Dec 3, 2024

ProTip! Advisories are also available from the GraphQL API.