Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an... Critical Unreviewed
CVE-2019-3801 was published May 24, 2022
WP Crontrol vulnerable to possible RCE when combined with a pre-condition High
CVE-2024-28850 was published for johnbillion/wp-crontrol (Composer) Mar 25, 2024
johnbillion calvinalkan
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application High
CVE-2020-5398 was published for org.springframework:spring-webflux (Maven) Jan 21, 2020
briandealwis sunSUNQ
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development... High Unreviewed
CVE-2019-9534 was published May 24, 2022
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the... High Unreviewed
CVE-2008-3438 was published May 2, 2022
An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows... High Unreviewed
CVE-2023-47353 was published Feb 6, 2024
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download... High Unreviewed
CVE-2001-1125 was published Apr 30, 2022
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications... High Unreviewed
CVE-2002-0671 was published Apr 30, 2022
The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of... High Unreviewed
CVE-2008-3324 was published May 1, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... Moderate Unreviewed
CVE-2020-1576 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly... Moderate Unreviewed
CVE-2020-1595 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1453 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1452 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed
CVE-2020-1200 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... Moderate Unreviewed
CVE-2020-1210 was published May 24, 2022
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX... High Unreviewed
CVE-2023-5592 was published Dec 14, 2023
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs... High Unreviewed
CVE-2023-46143 was published Dec 14, 2023
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a... Moderate Unreviewed
CVE-2023-5630 was published Dec 14, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45842 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45841 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45840 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45839 was published Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of... High Unreviewed
CVE-2023-45838 was published Dec 5, 2023
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023... High Unreviewed
CVE-2023-43608 was published Dec 5, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File... High Unreviewed
CVE-2023-46887 was published Nov 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database