GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
119 advisories
A download of code without Integrity check vulnerability [CWE-494] in FortiClientMac version 7.0...
High | Unreviewed | CVE-2023-22635 was published Apr 11, 2023

A vulnerability has been discovered in Rocket.Chat, where editing messages can change the...
Moderate | Unreviewed | CVE-2023-28317 was published May 10, 2023

Gin Web Framework does not properly sanitize filename parameter of Context.FileAttachment function
Moderate | CVE-2023-29401 was published for github.com/gin-gonic/gin (Go) May 12, 2023

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.
Moderate | Unreviewed | CVE-2023-24503 was published Jul 6, 2023

Electra Central AC unit – Adjacent attacker may cause the unit to load unauthorized FW.
Moderate | Unreviewed | CVE-2023-24500 was published Jul 6, 2023

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with...
High | Unreviewed | CVE-2023-37864 was published Aug 9, 2023

Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian...
Critical | Unreviewed | CVE-2023-40254 was published Aug 11, 2023

Synel Terminals - CWE-494: Download of Code Without Integrity Check
Critical | Unreviewed | CVE-2023-37220 was published Sep 3, 2023

Artifact Hub has Incorrect Docker Hub registry check
Moderate | CVE-2023-45821 was published for github.com/artifacthub/hub (Go) Oct 19, 2023

In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient...
Critical | Unreviewed | CVE-2023-45799 was published Oct 30, 2023

A CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow...
High | Unreviewed | CVE-2023-5984 was published Nov 15, 2023

In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File...
High | Unreviewed | CVE-2023-46887 was published Nov 29, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High | Unreviewed | CVE-2023-45840 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High | Unreviewed | CVE-2023-45842 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High | Unreviewed | CVE-2023-45839 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High | Unreviewed | CVE-2023-45838 was published Dec 5, 2023

Multiple data integrity vulnerabilities exist in the package hash checking functionality of...
High | Unreviewed | CVE-2023-45841 was published Dec 5, 2023

A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023...
High | Unreviewed | CVE-2023-43608 was published Dec 5, 2023

A CWE-494: Download of Code Without Integrity Check vulnerability exists that could allow a...
Moderate | Unreviewed | CVE-2023-5630 was published Dec 14, 2023

A download of code without integrity check vulnerability in PLCnext products allows an remote...
High | Unreviewed | CVE-2023-46144 was published Dec 14, 2023

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs...
High | Unreviewed | CVE-2023-46143 was published Dec 14, 2023

Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX...
High | Unreviewed | CVE-2023-5592 was published Dec 14, 2023

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows...
High | Unreviewed | CVE-2023-47353 was published Feb 6, 2024

Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files...
Critical | Unreviewed | CVE-2024-27438 was published Mar 21, 2024

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org...
High | Unreviewed | CVE-2024-30205 was published Mar 25, 2024