GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,082
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,082
Maven 5,251
npm 3,747
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,314

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

87 advisories

Filter by severity

Sort by

Least recently updated

The ventilator does not perform proper file integrity checks when adopting firmware updates. This... Critical Unreviewed

CVE-2024-48974 was published Nov 15, 2024

An exploit is possible where an actor with physical access can manipulate SPI flash without being... Moderate Unreviewed

CVE-2024-33660 was published Nov 12, 2024

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling... Critical Unreviewed

CVE-2024-45321 was published Aug 27, 2024

A vulnerability allows attackers to download source code or an executable from a remote location... Critical Unreviewed

CVE-2023-41921 was published Jul 2, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... High Unreviewed

CVE-2024-30206 was published May 14, 2024

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the... High Unreviewed

CVE-2024-33118 was published May 6, 2024

Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2023-39474 was published May 3, 2024

IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes... Critical Unreviewed

CVE-2024-28878 was published Apr 12, 2024

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org... High Unreviewed

CVE-2024-30205 was published Mar 25, 2024

Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files... Critical Unreviewed

CVE-2024-27438 was published Mar 21, 2024

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows... High Unreviewed

CVE-2023-47353 was published Feb 6, 2024

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX... High Unreviewed

CVE-2023-5592 was published Dec 14, 2023

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs... High Unreviewed

CVE-2023-46143 was published Dec 14, 2023

A download of code without integrity check vulnerability in PLCnext products allows an remote... High Unreviewed

CVE-2023-46144 was published Dec 14, 2023

A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a... Moderate Unreviewed

CVE-2023-5630 was published Dec 14, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed

CVE-2023-45840 was published Dec 5, 2023

A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023... High Unreviewed

CVE-2023-43608 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed

CVE-2023-45842 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed

CVE-2023-45841 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed

CVE-2023-45839 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed

CVE-2023-45838 was published Dec 5, 2023

In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File... High Unreviewed

CVE-2023-46887 was published Nov 29, 2023

A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow... High Unreviewed

CVE-2023-5984 was published Nov 15, 2023

In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient... Critical Unreviewed

CVE-2023-45799 was published Oct 30, 2023

Synel Terminals - CWE-494: Download of Code Without Integrity Check Critical Unreviewed

CVE-2023-37220 was published Sep 3, 2023

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

87 advisories