GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
81 advisories
Filter by severity
Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags...
High
Unreviewed
CVE-2021-47986
was published
Jun 26, 2026
Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version...
High
Unreviewed
CVE-2021-47987
was published
Jun 26, 2026
The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained...
High
Unreviewed
CVE-2026-9089
was published
May 21, 2026
Ollama for Windows does not perform integrity or authenticity verification of downloaded update...
High
Unreviewed
CVE-2026-42248
was published
Apr 29, 2026
Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The ...
High
Unreviewed
CVE-2026-40066
was published
Apr 17, 2026
TrueConf Client downloads application update code and applies it without performing verification....
High
Unreviewed
CVE-2026-3502
was published
Mar 30, 2026
Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity...
High
Unreviewed
CVE-2025-15556
was published
Feb 3, 2026
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before...
High
Unreviewed
CVE-2025-55310
was published
Dec 11, 2025
An issue in Shirt Pocket SuperDuper! V.3.10 and before allows a local attacker to execute...
High
Unreviewed
CVE-2025-61228
was published
Dec 1, 2025
The update mechanism in Xtooltech Xtool AnyScan Android Application 4.40.40 and prior is insecure...
High
Unreviewed
CVE-2025-63434
was published
Nov 24, 2025
The Sound4 FIRST web-based management interface is vulnerable to Remote Code Execution (RCE) via...
High
Unreviewed
CVE-2025-63220
was published
Nov 19, 2025
The Sound4 IMPACT web-based management interface is vulnerable to Remote Code Execution (RCE) via...
High
Unreviewed
CVE-2025-63215
was published
Nov 19, 2025
An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1.0.4 allows...
High
Unreviewed
CVE-2025-52263
was published
Oct 27, 2025
The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from...
High
Unreviewed
CVE-2025-11493
was published
Oct 16, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.843 and...
High
Unreviewed
CVE-2025-34212
was published
Sep 29, 2025
The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vulnerable to Remote Code...
High
Unreviewed
CVE-2025-57431
was published
Sep 22, 2025
A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary...
High
Unreviewed
CVE-2025-9319
was published
Sep 11, 2025
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air...
High
Unreviewed
CVE-2025-30199
was published
Sep 5, 2025
A firmware update vulnerability exists in the Firmware Signature Validation functionality of...
High
Unreviewed
CVE-2025-31355
was published
Aug 20, 2025
The affected product allows firmware updates to be downloaded from EG4's
website, transferred...
High
Unreviewed
CVE-2025-53520
was published
Aug 8, 2025
Download of code without integrity check vulnerability in AirPrint functionality in Synology...
High
Unreviewed
CVE-2024-39348
was published
Aug 7, 2025
The cross-browser document creation component developed by Digitware System Integration...
High
Unreviewed
CVE-2025-7620
was published
Jul 14, 2025
Download of Code Without Integrity Check vulnerability in Centreon web allows Reflected XSS.
A...
High
Unreviewed
CVE-2025-4648
was published
May 13, 2025
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a user to...
High
Unreviewed
CVE-2024-43169
was published
Mar 3, 2025
SunGrow WiNet-S V200.001.00.P025 and earlier versions is missing integrity checks for firmware...
High
Unreviewed
CVE-2024-50696
was published
Feb 26, 2025
ProTip!
Advisories are also available from the
GraphQL API