Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

64 advisories

Loading
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1200 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1453 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1452 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check,... High Unreviewed
CVE-2021-27574 was published May 24, 2022
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A... High Unreviewed
CVE-2021-33879 was published May 24, 2022
In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC... High Unreviewed
CVE-2021-38588 was published May 24, 2022
Download of code without integrity check vulnerability in NEXACRO14 Runtime ActiveX control of... High Unreviewed
CVE-2020-7874 was published May 24, 2022
DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote... High Unreviewed
CVE-2020-7875 was published May 24, 2022
A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on... High Unreviewed
CVE-2020-28213 was published May 24, 2022
Caphyon Ltd Advanced Installer 19.2 was discovered to contain a remote code execution (RCE)... High Unreviewed
CVE-2022-27438 was published Jun 7, 2022
A vulnerability exists in the file upload validation part of Hitachi Energy TXpert Hub CoreTec 4... High Unreviewed
CVE-2021-35532 was published Jun 8, 2022
Django vulnerable to Reflected File Download attack High
CVE-2022-36359 was published for Django (pip) Aug 11, 2022
sunSUNQ levpachmanov
G-Rath
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 5.00.008.053 via... High Unreviewed
CVE-2021-45027 was published Sep 2, 2022
Novel-Plus v3.6.2 was discovered to contain an arbitrary file download vulnerability via the... High Unreviewed
CVE-2022-36671 was published Sep 2, 2022
Data Integrity Failure in 'Backup Config' in D-Link DNR-322L <= 2.60B15 allows an authenticated... High Unreviewed
CVE-2022-40799 was published Nov 29, 2022
Sinatra vulnerable to Reflected File Download attack High
CVE-2022-45442 was published for sinatra (RubyGems) Nov 30, 2022
motoyasu-saburi
An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers... High Unreviewed
CVE-2023-23110 was published Feb 2, 2023
RuoYi vulnerable to arbitrary file download High
CVE-2023-27025 was published for com.ruoyi:ruoyi (Maven) Apr 2, 2023
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0... High Unreviewed
CVE-2023-22635 was published Apr 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with... High Unreviewed
CVE-2023-37864 was published Aug 9, 2023
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow... High Unreviewed
CVE-2023-5984 was published Nov 15, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File... High Unreviewed
CVE-2023-46887 was published Nov 29, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45841 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45842 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45838 was published Dec 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database