GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,129
Composer 4,331
Erlang 31
GitHub Actions 21
Go 2,093
Maven 5,262
npm 3,756
NuGet 678
pip 3,443
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,200

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

337 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00... High Unreviewed

CVE-2024-35124 was published Aug 13, 2024

Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass... High Unreviewed

CVE-2024-7007 was published Jul 25, 2024

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed

CVE-2024-39601 was published Jul 22, 2024

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL... High Unreviewed

CVE-2024-21146 was published Jul 17, 2024

Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access... High Unreviewed

CVE-2024-37767 was published Jul 5, 2024

IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive... High Unreviewed

CVE-2024-31916 was published Jun 27, 2024

Toshiba printers provides API without authentication for internal access. A local attacker can... High Unreviewed

CVE-2024-27169 was published Jun 14, 2024

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability.... High Unreviewed

CVE-2024-5951 was published Jun 13, 2024

Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import... High Unreviewed

CVE-2024-34800 was published Jun 10, 2024

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller... High Unreviewed

CVE-2024-32752 was published Jun 6, 2024

When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the... High Unreviewed

CVE-2023-5935 was published May 15, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed

CVE-2024-27942 was published May 14, 2024

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access... High Unreviewed

CVE-2022-32503 was published May 14, 2024

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed

CVE-2024-2860 was published May 8, 2024

By design, the DHCP protocol does not authenticate messages, including for example the classless... High Unreviewed

CVE-2024-3661 was published May 6, 2024

Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure... High Unreviewed

CVE-2023-51587 was published May 3, 2024

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution... High Unreviewed

CVE-2023-50199 was published May 3, 2024

NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network... High Unreviewed

CVE-2023-41183 was published May 3, 2024

D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2023-41187 was published May 3, 2024

Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function... High Unreviewed

CVE-2023-38123 was published May 3, 2024

The devices allow access to an unprotected endpoint that allows MPFS file system binary image... High Unreviewed

CVE-2024-1491 was published Apr 19, 2024

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed

CVE-2024-21007 was published Apr 17, 2024

An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an... High Unreviewed

CVE-2023-4857 was published Apr 15, 2024

Windows Update Stack Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-26235 was published Apr 9, 2024

A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in... High Unreviewed

CVE-2024-3281 was published Apr 9, 2024

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

337 advisories