GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
844
Swift
36
Unreviewed advisories
All unreviewed
5,000+
99 advisories
Filter by severity
An exploit is possible where an actor with physical access can manipulate SPI flash without being...
Moderate
Unreviewed
CVE-2024-33660
was published
Nov 12, 2024
Gradio lacks integrity checking on the downloaded FRP client
High
CVE-2024-47867
was published
for
gradio
(pip)
Oct 10, 2024
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling...
Critical
Unreviewed
CVE-2024-45321
was published
Aug 27, 2024
A vulnerability allows attackers to download source code or an executable from a remote location...
Critical
Unreviewed
CVE-2023-41921
was published
Jul 2, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
High
Unreviewed
CVE-2024-30206
was published
May 14, 2024
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the...
High
Unreviewed
CVE-2024-33118
was published
May 6, 2024
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-39474
was published
May 3, 2024
IO-1020 Micro ELD downloads source code or an executable from an
adjacent location and executes...
Critical
Unreviewed
CVE-2024-28878
was published
Apr 12, 2024
WP Crontrol vulnerable to possible RCE when combined with a pre-condition
High
CVE-2024-28850
was published
for
johnbillion/wp-crontrol
(Composer)
Mar 25, 2024
Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files...
Critical
Unreviewed
CVE-2024-27438
was published
Mar 21, 2024
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows...
High
Unreviewed
CVE-2023-47353
was published
Feb 6, 2024
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs...
High
Unreviewed
CVE-2023-46143
was published
Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX...
High
Unreviewed
CVE-2023-5592
was published
Dec 14, 2023
A download of code without integrity check vulnerability in PLCnext products allows an remote...
High
Unreviewed
CVE-2023-46144
was published
Dec 14, 2023
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a...
Moderate
Unreviewed
CVE-2023-5630
was published
Dec 14, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45839
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45841
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45842
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45840
was published
Dec 5, 2023
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023...
High
Unreviewed
CVE-2023-43608
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45838
was published
Dec 5, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File...
High
Unreviewed
CVE-2023-46887
was published
Nov 29, 2023
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow...
High
Unreviewed
CVE-2023-5984
was published
Nov 15, 2023
In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient...
Critical
Unreviewed
CVE-2023-45799
was published
Oct 30, 2023
Artifact Hub has Incorrect Docker Hub registry check
Moderate
CVE-2023-45821
was published
for
github.com/artifacthub/hub
(Go)
Oct 19, 2023
ProTip!
Advisories are also available from the
GraphQL API