Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

338 advisories

Loading
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed
CVE-2024-45276 was published Oct 15, 2024
A file handling command vulnerability in certain versions of Armoury Crate may result in... High Unreviewed
CVE-2024-12957 was published Jan 23, 2025
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version... High Unreviewed
CVE-2024-47574 was published Nov 13, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects... High Unreviewed
CVE-2024-7125 was published Aug 27, 2024
Nedap Librix Ecoreader is missing authentication for critical functions that could allow an ... High Unreviewed
CVE-2024-12757 was published Jan 17, 2025
The affected product lacks an authentication check when sending commands to the server via the... High Unreviewed
CVE-2024-9137 was published Oct 14, 2024
Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint... High Unreviewed
CVE-2023-33247 was published May 26, 2023
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of... High Unreviewed
CVE-2023-31227 was published May 26, 2023
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver... High Unreviewed
CVE-2025-0355 was published Jan 15, 2025
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0... High Unreviewed
CVE-2024-35277 was published Jan 14, 2025
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Locally installed application can bypass the permission check and perform system operations that... High Unreviewed
CVE-2021-26280 was published Dec 17, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful... High Unreviewed
CVE-2022-48621 was published Feb 18, 2024
Lua apps can be deployed, removed, started, reloaded or stopped without authorization via... High Unreviewed
CVE-2024-10776 was published Dec 6, 2024
Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of... High Unreviewed
CVE-2024-10774 was published Dec 6, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting... High Unreviewed
CVE-2024-42455 was published Dec 4, 2024
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a... High Unreviewed
CVE-2024-42456 was published Dec 4, 2024
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to... High Unreviewed
CVE-2024-53623 was published Nov 30, 2024
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and... High Unreviewed
CVE-2024-50381 was published Dec 2, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed
CVE-2024-49052 was published Nov 26, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows... High Unreviewed
CVE-2024-40405 was published Nov 14, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... High Unreviewed
CVE-2024-40408 was published Nov 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database