GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
62 advisories
Django vulnerable to Reflected File Download attack
High | CVE-2022-36359 was published for Django (pip) | Aug 11, 2022

A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4...
High | Unreviewed | CVE-2021-35532 was published | Jun 8, 2022

Caphyon Ltd Advanced Installer 19.2 was discovered to contain a remote code execution (RCE)...
High | Unreviewed | CVE-2022-27438 was published | Jun 7, 2022

A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on...
High | Unreviewed | CVE-2020-28213 was published | May 24, 2022

DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote...
High | Unreviewed | CVE-2020-7875 was published | May 24, 2022

Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of...
High | Unreviewed | CVE-2020-7874 was published | May 24, 2022

In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC...
High | Unreviewed | CVE-2021-38588 was published | May 24, 2022

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A...
High | Unreviewed | CVE-2021-33879 was published | May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check,...
High | Unreviewed | CVE-2021-27574 was published | May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High | Unreviewed | CVE-2020-1452 was published | May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High | Unreviewed | CVE-2020-1453 was published | May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High | Unreviewed | CVE-2020-1200 was published | May 24, 2022

An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected). A malformed message...
High | Unreviewed | CVE-2020-9759 was published | May 24, 2022

RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where...
High | Unreviewed | CVE-2019-3977 was published | May 24, 2022

The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development...
High | Unreviewed | CVE-2019-9534 was published | May 24, 2022

Cargo prior to Rust 1.26.0 may download the wrong dependency
High | CVE-2019-16760 was published for cargo (Rust) | May 24, 2022

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN...
High | Unreviewed | CVE-2019-13534 was published | May 24, 2022

Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that...
High | Unreviewed | CVE-2019-12809 was published | May 24, 2022

The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its...
High | Unreviewed | CVE-2019-7229 was published | May 24, 2022

Incorrect Resource Transfer Between Spheres in Grails
High | CVE-2019-12728 was published for org.grails:grails-core (Maven) | May 24, 2022

Eclipse Vorto resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS
High | CVE-2019-10248 was published for org.eclipse.vorto:org.eclipse.vorto.core (Maven) | May 24, 2022

Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check...
High | Unreviewed | CVE-2022-28944 was published | May 24, 2022

The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room...
High | Unreviewed | CVE-2022-22786 was published | May 19, 2022

Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC...
High | Unreviewed | CVE-2018-13012 was published | May 13, 2022

Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in...
High | Unreviewed | CVE-2017-2707 was published | May 13, 2022