Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers... High Unreviewed
CVE-2023-23110 was published Feb 2, 2023
RuoYi vulnerable to arbitrary file download High
CVE-2023-27025 was published for com.ruoyi:ruoyi (Maven) Apr 2, 2023
A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4... High Unreviewed
CVE-2021-35532 was published Jun 8, 2022
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow... High Unreviewed
CVE-2023-5984 was published Nov 15, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File... High Unreviewed
CVE-2023-46887 was published Nov 29, 2023
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023... High Unreviewed
CVE-2023-43608 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45838 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45839 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45840 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45841 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45842 was published Dec 5, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX... High Unreviewed
CVE-2023-5592 was published Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs... High Unreviewed
CVE-2023-46143 was published Dec 14, 2023
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1200 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1452 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1453 was published May 24, 2022
The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of... High Unreviewed
CVE-2008-3324 was published May 1, 2022
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications... High Unreviewed
CVE-2002-0671 was published Apr 30, 2022
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download... High Unreviewed
CVE-2001-1125 was published Apr 30, 2022
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows... High Unreviewed
CVE-2023-47353 was published Feb 6, 2024
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the... High Unreviewed
CVE-2008-3438 was published May 2, 2022
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development... High Unreviewed
CVE-2019-9534 was published May 24, 2022
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application High
CVE-2020-5398 was published for org.springframework:spring-webflux (Maven) Jan 21, 2020
briandealwis sunSUNQ
WP Crontrol vulnerable to possible RCE when combined with a pre-condition High
CVE-2024-28850 was published for johnbillion/wp-crontrol (Composer) Mar 25, 2024
johnbillion calvinalkan
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that... High Unreviewed
CVE-2019-12809 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database