GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
97 advisories
Filter by severity
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows...
High
Unreviewed
CVE-2023-47353
was published
Feb 6, 2024
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download...
High
Unreviewed
CVE-2001-1125
was published
Apr 30, 2022
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications...
High
Unreviewed
CVE-2002-0671
was published
Apr 30, 2022
The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of...
High
Unreviewed
CVE-2008-3324
was published
May 1, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
Moderate
Unreviewed
CVE-2020-1576
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly...
Moderate
Unreviewed
CVE-2020-1595
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-1453
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-1452
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-1200
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
Moderate
Unreviewed
CVE-2020-1210
was published
May 24, 2022
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs...
High
Unreviewed
CVE-2023-46143
was published
Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX...
High
Unreviewed
CVE-2023-5592
was published
Dec 14, 2023
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a...
Moderate
Unreviewed
CVE-2023-5630
was published
Dec 14, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45841
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45842
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45840
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45839
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45838
was published
Dec 5, 2023
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023...
High
Unreviewed
CVE-2023-43608
was published
Dec 5, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File...
High
Unreviewed
CVE-2023-46887
was published
Nov 29, 2023
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow...
High
Unreviewed
CVE-2023-5984
was published
Nov 15, 2023
In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient...
Critical
Unreviewed
CVE-2023-45799
was published
Oct 30, 2023
Artifact Hub has Incorrect Docker Hub registry check
Moderate
CVE-2023-45821
was published
for
github.com/artifacthub/hub
(Go)
Oct 19, 2023
Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function
Moderate
CVE-2023-29401
was published
for
github.com/gin-gonic/gin
(Go)
May 12, 2023
Jenkins Plugin Installation Manager Tool did not verify plugin downloads
Critical
CVE-2020-2320
was published
for
io.jenkins.plugin-management:plugin-management-parent-pom
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API