Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSL_ERROR_SYSCALL with... High Unreviewed
CVE-2019-25219 was published Oct 29, 2024
Insecure Default Initialization of Resource vulnerability in Apache Solr High
CVE-2024-45217 was published for org.apache.solr:solr (Maven) Oct 16, 2024
Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote... High Unreviewed
CVE-2024-47295 was published Oct 1, 2024
Firefox normally asks for confirmation before asking the operating system to find an application... High Unreviewed
CVE-2024-8383 was published Sep 3, 2024
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to... High Unreviewed
CVE-2024-34734 was published Aug 16, 2024
A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the... High Unreviewed
CVE-2024-6788 was published Aug 13, 2024
Apache ActiveMQ's default configuration doesn't secure the API web context High
CVE-2024-32114 was published for org.apache.activemq:apache-activemq (Maven) May 2, 2024
Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in... High Unreviewed
CVE-2024-25972 was published Mar 1, 2024
An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther... High Unreviewed
CVE-2023-27516 was published Oct 12, 2023
MTProto proxy remote code execution vulnerability High
CVE-2023-45312 was published for mtproto_proxy (Erlang) Oct 10, 2023
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by... High Unreviewed
CVE-2023-3453 was published Aug 24, 2023
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb... High Unreviewed
CVE-2023-35689 was published Aug 15, 2023
Active Debug Code vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200... High Unreviewed
CVE-2023-1618 was published May 19, 2023
Apache superset missing check for default SECRET_KEY High
CVE-2023-27524 was published for apache-superset (pip) Apr 24, 2023
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. High Unreviewed
CVE-2022-48432 was published Mar 29, 2023
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could... High Unreviewed
CVE-2022-4224 was published Mar 23, 2023
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution... High Unreviewed
CVE-2022-2196 was published Jan 9, 2023
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve... High Unreviewed
CVE-2022-3262 was published Dec 8, 2022
Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request()... High Unreviewed
CVE-2022-40468 was published Sep 20, 2022
WildFly vulnerable to Insecure Default Initialization of Resource High
CVE-2022-1278 was published for org.wildfly.bom:wildfly (Maven) Sep 14, 2022
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a... High Unreviewed
CVE-2021-40825 was published May 24, 2022
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast... High Unreviewed
CVE-2021-0534 was published May 24, 2022
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs... High Unreviewed
CVE-2019-20470 was published May 24, 2022
A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on... High Unreviewed
CVE-2020-16873 was published May 24, 2022
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is... High Unreviewed
CVE-2020-14011 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database