Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

86 advisories

Loading
The ventilator does not perform proper file integrity checks when adopting firmware updates. This... Critical Unreviewed
CVE-2024-48974 was published Nov 15, 2024
An exploit is possible where an actor with physical access can manipulate SPI flash without being... Moderate Unreviewed
CVE-2024-33660 was published Nov 12, 2024
A download of code without integrity check vulnerability in the "execute restore src-vis" command... High Unreviewed
CVE-2021-44168 was published Jan 5, 2022
A download of code without integrity check vulnerability in PLCnext products allows an remote... High Unreviewed
CVE-2023-46144 was published Dec 14, 2023
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint... Moderate Unreviewed
CVE-2021-3485 was published May 24, 2022
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling... Critical Unreviewed
CVE-2024-45321 was published Aug 27, 2024
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the... High Unreviewed
CVE-2024-33118 was published May 6, 2024
Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files... Critical Unreviewed
CVE-2024-27438 was published Mar 21, 2024
A vulnerability allows attackers to download source code or an executable from a remote location... Critical Unreviewed
CVE-2023-41921 was published Jul 2, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... High Unreviewed
CVE-2024-30206 was published May 14, 2024
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-39474 was published May 3, 2024
IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes... Critical Unreviewed
CVE-2024-28878 was published Apr 12, 2024
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and... Critical Unreviewed
CVE-2018-5409 was published May 24, 2022
Synel Terminals - CWE-494: Download of Code Without Integrity Check Critical Unreviewed
CVE-2023-37220 was published Sep 3, 2023
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian... Critical Unreviewed
CVE-2023-40254 was published Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... High Unreviewed
CVE-2023-37864 was published Aug 9, 2023
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0... High Unreviewed
CVE-2023-22635 was published Apr 11, 2023
An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected). A malformed message... High Unreviewed
CVE-2020-9759 was published May 24, 2022
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where... High Unreviewed
CVE-2019-3977 was published May 24, 2022
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN... High Unreviewed
CVE-2019-13534 was published May 24, 2022
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that... High Unreviewed
CVE-2019-12809 was published May 24, 2022
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an... Critical Unreviewed
CVE-2019-3801 was published May 24, 2022
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development... High Unreviewed
CVE-2019-9534 was published May 24, 2022
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the... High Unreviewed
CVE-2008-3438 was published May 2, 2022
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows... High Unreviewed
CVE-2023-47353 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database