Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... High Unreviewed
CVE-2024-30206 was published May 14, 2024
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the... High Unreviewed
CVE-2024-33118 was published May 6, 2024
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-39474 was published May 3, 2024
WP Crontrol vulnerable to possible RCE when combined with a pre-condition High
CVE-2024-28850 was published for johnbillion/wp-crontrol (Composer) Mar 25, 2024
johnbillion calvinalkan
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows... High Unreviewed
CVE-2023-47353 was published Feb 6, 2024
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX... High Unreviewed
CVE-2023-5592 was published Dec 14, 2023
A download of code without integrity check vulnerability in PLCnext products allows an remote... High Unreviewed
CVE-2023-46144 was published Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs... High Unreviewed
CVE-2023-46143 was published Dec 14, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45840 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45839 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45841 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45838 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45842 was published Dec 5, 2023
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023... High Unreviewed
CVE-2023-43608 was published Dec 5, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File... High Unreviewed
CVE-2023-46887 was published Nov 29, 2023
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow... High Unreviewed
CVE-2023-5984 was published Nov 15, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... High Unreviewed
CVE-2023-37864 was published Aug 9, 2023
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0... High Unreviewed
CVE-2023-22635 was published Apr 11, 2023
RuoYi vulnerable to arbitrary file download High
CVE-2023-27025 was published for com.ruoyi:ruoyi (Maven) Apr 2, 2023
An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers... High Unreviewed
CVE-2023-23110 was published Feb 2, 2023
Sinatra vulnerable to Reflected File Download attack High
CVE-2022-45442 was published for sinatra (RubyGems) Nov 30, 2022
motoyasu-saburi
Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated... High Unreviewed
CVE-2022-40799 was published Nov 29, 2022
Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the... High Unreviewed
CVE-2022-36671 was published Sep 2, 2022
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via... High Unreviewed
CVE-2021-45027 was published Sep 2, 2022
Django vulnerable to Reflected File Download attack High
CVE-2022-36359 was published for Django (pip) Aug 11, 2022
sunSUNQ levpachmanov
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database