GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
69 advisories
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0...
High | Unreviewed | CVE-2023-22635 was published Apr 11, 2023

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with...
High | Unreviewed | CVE-2023-37864 was published Aug 9, 2023

Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2023-39474 was published May 3, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
High | Unreviewed | CVE-2024-30206 was published May 14, 2024

LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the...
High | Unreviewed | CVE-2024-33118 was published May 6, 2024

Cargo prior to Rust 1.26.0 may download the wrong dependency
High | CVE-2019-16760 was published for cargo (Rust) May 24, 2022

A download of code without integrity check vulnerability in PLCnext products allows an remote...
High | Unreviewed | CVE-2023-46144 was published Dec 14, 2023

A download of code without integrity check vulnerability in the "execute restore src-vis" command...
High | Unreviewed | CVE-2021-44168 was published Jan 5, 2022

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org...
High | Unreviewed | CVE-2024-30205 was published Mar 25, 2024

Django vulnerable to Reflected File Download attack
High | CVE-2022-36359 was published for Django (pip) Aug 11, 2022

Gradio lacks integrity checking on the downloaded FRP client
High | CVE-2024-47867 was published for gradio (pip) Oct 10, 2024

ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware...
High | Unreviewed | CVE-2024-52331 was published Jan 23, 2025

CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the...
High | Unreviewed | CVE-2025-1058 was published Feb 13, 2025

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to...
High | Unreviewed | CVE-2024-43169 was published Mar 3, 2025

SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware...
High | Unreviewed | CVE-2024-50696 was published Feb 26, 2025

An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers...
High | Unreviewed | CVE-2023-23110 was published Feb 2, 2023

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router...
High | Unreviewed | CVE-2022-46423 was published Dec 20, 2022

Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of...
High | Unreviewed | CVE-2017-13083 was published May 13, 2022

Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS. A...
High | Unreviewed | CVE-2025-4648 was published May 13, 2025