GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,647

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

906 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting... High Unreviewed

CVE-2024-42455 was published Dec 4, 2024

A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and... High Unreviewed

CVE-2024-50381 was published Dec 2, 2024

Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to... High Unreviewed

CVE-2024-53623 was published Nov 30, 2024

Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication... Critical Unreviewed

CVE-2024-11980 was published Nov 29, 2024

Multiple FCNT Android devices provide the original security features such as "privacy mode" where... Low Unreviewed

CVE-2024-53701 was published Nov 29, 2024

Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed

CVE-2024-49052 was published Nov 26, 2024

Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed

CVE-2019-17082 was published Nov 26, 2024

Admin authentication can be bypassed with some specific invalid credentials, which allows logging... Moderate Unreviewed

CVE-2024-33616 was published Nov 26, 2024

Improper control of framework service permissions with possibility of some sensitive device... Moderate Unreviewed

CVE-2020-12491 was published Nov 25, 2024

Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed

CVE-2020-12492 was published Nov 25, 2024

The administrative interface listens by default on all interfaces on a TCP port and does not... Critical Unreviewed

CVE-2024-47138 was published Nov 23, 2024

Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-5718 was published Nov 22, 2024

Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-5721 was published Nov 22, 2024

A missing authentication for critical function vulnerability has been reported to affect Notes... Critical Unreviewed

CVE-2024-38643 was published Nov 22, 2024

Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows... High Unreviewed

CVE-2024-52438 was published Nov 20, 2024

Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System... High Unreviewed

CVE-2024-52437 was published Nov 20, 2024

Missing authentication for critical function vulnerability exists in Rakuten Turbo 5G firmware... Moderate Unreviewed

CVE-2024-47865 was published Nov 20, 2024

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated... Critical Unreviewed

CVE-2024-0012 was published Nov 18, 2024

A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a... High Unreviewed

CVE-2024-41969 was published Nov 18, 2024

A low privileged remote attacker may modify the boot mode configuration setup of the device,... High Unreviewed

CVE-2024-41967 was published Nov 18, 2024

A low privileged remote attacker may modify the docker settings setup of the device, leading to a... Moderate Unreviewed

CVE-2024-41968 was published Nov 18, 2024

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to... Critical Unreviewed

CVE-2024-10924 was published Nov 15, 2024

Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without... Moderate Unreviewed

CVE-2024-39707 was published Nov 15, 2024

The software tools used by service personnel to test & calibrate the ventilator do not support... Critical Unreviewed

CVE-2024-48966 was published Nov 15, 2024

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... High Unreviewed

CVE-2024-40408 was published Nov 14, 2024

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

906 advisories