Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,086
Maven
5,000+
npm
3,749
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023... High Unreviewed
CVE-2023-43608 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45842 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45841 was published Dec 5, 2023
A download of code without integrity check vulnerability in PLCnext products allows an remote... High Unreviewed
CVE-2023-46144 was published Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs... High Unreviewed
CVE-2023-46143 was published Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX... High Unreviewed
CVE-2023-5592 was published Dec 14, 2023
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows... High Unreviewed
CVE-2023-47353 was published Feb 6, 2024
In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org... High Unreviewed
CVE-2024-30205 was published Mar 25, 2024
WP Crontrol vulnerable to possible RCE when combined with a pre-condition High
CVE-2024-28850 was published for johnbillion/wp-crontrol (Composer) Mar 25, 2024
johnbillion calvinalkan
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-39474 was published May 3, 2024
LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the... High Unreviewed
CVE-2024-33118 was published May 6, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... High Unreviewed
CVE-2024-30206 was published May 14, 2024
Gradio lacks integrity checking on the downloaded FRP client High
CVE-2024-47867 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database