Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

107 advisories

Loading
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling... Critical Unreviewed
CVE-2024-45321 was published Aug 27, 2024
Gradio lacks integrity checking on the downloaded FRP client High
CVE-2024-47867 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
An exploit is possible where an actor with physical access can manipulate SPI flash without being... Moderate Unreviewed
CVE-2024-33660 was published Nov 12, 2024
The ventilator does not perform proper file integrity checks when adopting firmware updates. This... Critical Unreviewed
CVE-2024-48974 was published Nov 15, 2024
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It... Low Unreviewed
CVE-2024-42183 was published Jan 23, 2025
ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware... High Unreviewed
CVE-2024-52331 was published Jan 23, 2025
CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the... High Unreviewed
CVE-2025-1058 was published Feb 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database