GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
170 advisories
Filter by severity
A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a...
Moderate
Unreviewed
CVE-2023-5630
was published
Dec 14, 2023
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023...
High
Unreviewed
CVE-2023-43608
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45838
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45839
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45842
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45840
was published
Dec 5, 2023
Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High
Unreviewed
CVE-2023-45841
was published
Dec 5, 2023
In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File...
High
Unreviewed
CVE-2023-46887
was published
Nov 29, 2023
A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow...
High
Unreviewed
CVE-2023-5984
was published
Nov 15, 2023
In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient...
Critical
Unreviewed
CVE-2023-45799
was published
Oct 30, 2023
Artifact Hub has Incorrect Docker Hub registry check
Moderate
CVE-2023-45821
was published
for
github.com/artifacthub/hub
(Go)
Oct 19, 2023
Synel Terminals - CWE-494: Download of Code Without Integrity Check
Critical
Unreviewed
CVE-2023-37220
was published
Sep 3, 2023
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian...
Critical
Unreviewed
CVE-2023-40254
was published
Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with...
High
Unreviewed
CVE-2023-37864
was published
Aug 9, 2023
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.
Moderate
Unreviewed
CVE-2023-24500
was published
Jul 6, 2023
Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.
Moderate
Unreviewed
CVE-2023-24503
was published
Jul 6, 2023
Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function
Moderate
CVE-2023-29401
was published
for
github.com/gin-gonic/gin
(Go)
May 12, 2023
A vulnerability has been discovered in Rocket.Chat, where editing messages can change the...
Moderate
Unreviewed
CVE-2023-28317
was published
May 10, 2023
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0...
High
Unreviewed
CVE-2023-22635
was published
Apr 11, 2023
RuoYi vulnerable to arbitrary file download
High
CVE-2023-27025
was published
for
com.ruoyi:ruoyi
(Maven)
Apr 2, 2023
An issue was discovered in Veritas NetBackup IT Analytics 11 before 11.2.0. The application...
Moderate
Unreviewed
CVE-2023-28818
was published
Mar 24, 2023
ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of...
Critical
Unreviewed
CVE-2023-27574
was published
Mar 4, 2023
An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers...
High
Unreviewed
CVE-2023-23110
was published
Feb 2, 2023
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5...
Critical
Unreviewed
CVE-2020-22658
was published
Jan 20, 2023
Certain General Electric Renewable Energy products download firmware without an integrity check....
Critical
Unreviewed
CVE-2022-24117
was published
Dec 26, 2022
ProTip!
Advisories are also available from the
GraphQL API