GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
16 advisories
The ventilator does not perform proper file integrity checks when adopting firmware updates. This...
Critical | Unreviewed | CVE-2024-48974 was published Nov 15, 2024

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling...
Critical | Unreviewed | CVE-2024-45321 was published Aug 27, 2024

Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files...
Critical | Unreviewed | CVE-2024-27438 was published Mar 21, 2024

A vulnerability allows attackers to download source code or an executable from a remote location...
Critical | Unreviewed | CVE-2023-41921 was published Jul 2, 2024

IO-1020 Micro ELD downloads source code or an executable from an adjacent location and executes...
Critical | Unreviewed | CVE-2024-28878 was published Apr 12, 2024

The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and...
Critical | Unreviewed | CVE-2018-5409 was published May 24, 2022

Synel Terminals - CWE-494: Download of Code Without Integrity Check
Critical | Unreviewed | CVE-2023-37220 was published Sep 3, 2023

Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian...
Critical | Unreviewed | CVE-2023-40254 was published Aug 11, 2023

Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an...
Critical | Unreviewed | CVE-2019-3801 was published May 24, 2022

In MLSoft TCO!stream versions 8.0.22.1115 and below, a vulnerability exists due to insufficient...
Critical | Unreviewed | CVE-2023-45799 was published Oct 30, 2023

Jenkins Plugin Installation Manager Tool did not verify plugin downloads
Critical | CVE-2020-2320 was published for io.jenkins.plugin-management:plugin-management-parent-pom (Maven) May 24, 2022

Printchaser v2.2021.804.1 and earlier versions contain a vulnerability, which could allow remote...
Critical | Unreviewed | CVE-2020-7883 was published Dec 29, 2021

Download of code without integrity check vulnerability in ActiveX control of Younglimwon Co., Ltd...
Critical | Unreviewed | CVE-2020-7873 was published May 24, 2022

Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s):...
Critical | Unreviewed | CVE-2020-28332 was published May 24, 2022

Certain General Electric Renewable Energy products download firmware without an integrity check....
Critical | Unreviewed | CVE-2022-24117 was published Dec 26, 2022

Honeywell Experion PKS Safety Manager (SM and FSC) through 2022-05-06 has Insufficient...
Critical | Unreviewed | CVE-2022-30315 was published Jul 29, 2022