Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,422 advisories

Loading
Improper authentication in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to pair... Moderate Unreviewed
CVE-2024-20889 was published Jul 2, 2024
Improper input validation in BLE prior to SMR Jul-2024 Release 1 allows adjacent attackers to... Moderate Unreviewed
CVE-2024-20890 was published Jul 2, 2024
The N-central server is vulnerable to an authentication bypass of the user interface. This... Critical Unreviewed
CVE-2024-28200 was published Jul 1, 2024
An issue was discovered on HMS Anybus X-Gateway AB7832-F firmware version 3. The HICP protocol... High Unreviewed
CVE-2024-23767 was published Jun 26, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... Low Unreviewed
CVE-2024-27867 was published Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication... High Unreviewed
CVE-2024-5012 was published Jun 25, 2024
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to... High Unreviewed
CVE-2024-5806 was published Jun 25, 2024
Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows... Critical Unreviewed
CVE-2024-5805 was published Jun 25, 2024
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient... Moderate Unreviewed
CVE-2024-37085 was published Jun 25, 2024
Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly... Moderate Unreviewed
CVE-2024-37233 was published Jun 24, 2024
Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate... Unknown Unreviewed
CVE-2024-24554 was published Jun 24, 2024
The Lifeline Donation plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed
CVE-2024-5432 was published Jun 20, 2024
Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024... Critical Unreviewed
CVE-2024-6057 was published Jun 17, 2024
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an... High Unreviewed
CVE-2024-27275 was published Jun 15, 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12.... High Unreviewed
CVE-2024-37367 was published Jun 14, 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... High Unreviewed
CVE-2024-37368 was published Jun 14, 2024
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2024-3080 was published Jun 14, 2024
HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass. Critical Unreviewed
CVE-2024-22441 was published Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an... Critical Unreviewed
CVE-2024-30299 was published Jun 13, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-35248 was published Jun 11, 2024
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application... Critical Unreviewed
CVE-2024-36266 was published Jun 11, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2024-23251 was published Jun 10, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor... Moderate Unreviewed
CVE-2022-45168 was published Jun 10, 2024
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be... High Unreviewed
CVE-2024-37408 was published Jun 8, 2024
A vulnerability was found in Clash up to 0.20.1 on Windows. It has been declared as critical.... High Unreviewed
CVE-2024-5732 was published Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database