Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

424 advisories

Loading
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System... High Unreviewed
CVE-2024-52437 was published Nov 20, 2024
Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows... High Unreviewed
CVE-2024-52438 was published Nov 20, 2024
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a... High Unreviewed
CVE-2024-41969 was published Nov 18, 2024
A low privileged remote attacker may modify the boot mode configuration setup of the device,... High Unreviewed
CVE-2024-41967 was published Nov 18, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... High Unreviewed
CVE-2024-40408 was published Nov 14, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows... High Unreviewed
CVE-2024-40405 was published Nov 14, 2024
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version... High Unreviewed
CVE-2024-47574 was published Nov 13, 2024
A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle... High Unreviewed
CVE-2024-7516 was published Nov 12, 2024
An unauthenticated attacker with access to the local network of the medical office can query an... High Unreviewed
CVE-2024-50589 was published Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting... High Unreviewed
CVE-2024-48953 was published Nov 7, 2024
An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup... High Unreviewed
CVE-2024-48950 was published Nov 7, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token... High Unreviewed
CVE-2024-50488 was published Oct 28, 2024
A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX... High Unreviewed
CVE-2022-23862 was published Oct 22, 2024
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and... High Unreviewed
CVE-2024-10002 was published Oct 22, 2024
A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab... High Unreviewed
CVE-2024-47912 was published Oct 21, 2024
The affected product is vulnerable to an attacker being able to use commands without providing a... High Unreviewed
CVE-2024-49399 was published Oct 17, 2024
Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1... High Unreviewed
CVE-2024-23783 was published Oct 17, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9861 was published Oct 17, 2024
BIG-IP monitor functionality may allow an attacker to bypass access control restrictions,... High Unreviewed
CVE-2024-45844 was published Oct 16, 2024
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP... High Unreviewed
CVE-2024-5749 was published Oct 15, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed
CVE-2024-45276 was published Oct 15, 2024
An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to... High Unreviewed
CVE-2024-48791 was published Oct 14, 2024
The affected product lacks an authentication check when sending commands to the server via the... High Unreviewed
CVE-2024-9137 was published Oct 14, 2024
LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48777 was published Oct 11, 2024
An issue in almando GmbH Almando Play APP (com.almando.play) 1.8.2 allows a remote attacker to... High Unreviewed
CVE-2024-48771 was published Oct 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database