GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
86 advisories
Filter by severity
The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Critical
Unreviewed
CVE-2024-48974
was published
Nov 15, 2024
An exploit is possible where an actor with physical access can manipulate SPI flash without being...
Moderate
Unreviewed
CVE-2024-33660
was published
Nov 12, 2024
A download of code without integrity check vulnerability in the "execute restore src-vis" command...
High
Unreviewed
CVE-2021-44168
was published
Jan 5, 2022
A download of code without integrity check vulnerability in PLCnext products allows an remote...
High
Unreviewed
CVE-2023-46144
was published
Dec 14, 2023
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint...
Moderate
Unreviewed
CVE-2021-3485
was published
May 24, 2022
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling...
Critical
Unreviewed
CVE-2024-45321
was published
Aug 27, 2024
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the...
High
Unreviewed
CVE-2024-33118
was published
May 6, 2024
Download of Code Without Integrity Check vulnerability in Apache Doris.
The jdbc driver files...
Critical
Unreviewed
CVE-2024-27438
was published
Mar 21, 2024
A vulnerability allows attackers to download source code or an executable from a remote location...
Critical
Unreviewed
CVE-2023-41921
was published
Jul 2, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
High
Unreviewed
CVE-2024-30206
was published
May 14, 2024
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-39474
was published
May 3, 2024
IO-1020 Micro ELD downloads source code or an executable from an
adjacent location and executes...
Critical
Unreviewed
CVE-2024-28878
was published
Apr 12, 2024
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and...
Critical
Unreviewed
CVE-2018-5409
was published
May 24, 2022
Synel Terminals - CWE-494: Download of Code Without Integrity Check
Critical
Unreviewed
CVE-2023-37220
was published
Sep 3, 2023
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian...
Critical
Unreviewed
CVE-2023-40254
was published
Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with...
High
Unreviewed
CVE-2023-37864
was published
Aug 9, 2023
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0...
High
Unreviewed
CVE-2023-22635
was published
Apr 11, 2023
An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected). A malformed message...
High
Unreviewed
CVE-2020-9759
was published
May 24, 2022
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where...
High
Unreviewed
CVE-2019-3977
was published
May 24, 2022
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN...
High
Unreviewed
CVE-2019-13534
was published
May 24, 2022
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that...
High
Unreviewed
CVE-2019-12809
was published
May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an...
Critical
Unreviewed
CVE-2019-3801
was published
May 24, 2022
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development...
High
Unreviewed
CVE-2019-9534
was published
May 24, 2022
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the...
High
Unreviewed
CVE-2008-3438
was published
May 2, 2022
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows...
High
Unreviewed
CVE-2023-47353
was published
Feb 6, 2024
ProTip!
Advisories are also available from the
GraphQL API