Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,018
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

95,326 advisories

Loading
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as... High Unreviewed
CVE-2024-7178 was published Jul 29, 2024
A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102.... High Unreviewed
CVE-2024-7180 was published Jul 29, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu... High Unreviewed
CVE-2024-7173 was published Jul 29, 2024
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102.... High Unreviewed
CVE-2024-7172 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical.... High Unreviewed
CVE-2024-7176 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as... High Unreviewed
CVE-2024-7179 was published Jul 29, 2024
A validated user not explicitly authorized to have access to certain sensitive information could... High Unreviewed
CVE-2023-40159 was published Jul 18, 2024
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C... High Unreviewed
CVE-2024-0912 was published Jun 6, 2024
Philips Vue PACS uses default credentials for potentially critical functionality. High Unreviewed
CVE-2023-40704 was published Jul 18, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-21586 was published Jul 1, 2024
Apache StreamPipes has potential remote code execution (RCE) via file upload High
CVE-2024-31411 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
Snipe-IT allows users to promote or demote themselves or other users High
CVE-2024-5685 was published for snipe/snipe-it (Composer) Jun 14, 2024
Directus Allows Single Sign-On User Enumeration High
CVE-2024-39896 was published for directus (npm) Jul 8, 2024
AdGuardHome privilege escalation vulnerability High
CVE-2024-36586 was published for github.com/AdguardTeam/AdGuardHome (Go) Jun 13, 2024
Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' High
CVE-2023-32194 was published for github.com/rancher/rancher (Go) Feb 8, 2024
Rancher 'Audit Log' leaks sensitive information High
CVE-2023-22649 was published for github.com/rancher/rancher (Go) Feb 8, 2024
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass High
CVE-2024-29891 was published for github.com/zitadel/zitadel (Go) Mar 28, 2024
amit-laish fforootd
livio-a adlerhurst
snapd Race Condition vulnerability High
CVE-2022-3328 was published for github.com/snapcore/snapd (Go) Jan 8, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
Grafana Stored Cross-site Scripting in Unified Alerting High
CVE-2022-31097 was published for github.com/grafana/grafana (Go) May 14, 2024
A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The... High Unreviewed
CVE-2024-37999 was published Jul 8, 2024
Account Takeover via Session Fixation in Zitadel [Bypassing MFA] High
CVE-2024-28197 was published for github.com/zitadel/zitadel (Go) Mar 11, 2024
amit-laish
Vanna vulnerable to SQL Injection High
CVE-2024-5753 was published for vanna (pip) Jul 5, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources High
CVE-2021-25318 was published for github.com/rancher/rancher (Go) Apr 24, 2024
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider High
CVE-2023-22650 was published for github.com/rancher/rancher (Go) Jun 17, 2024
ProTip! Advisories are also available from the GraphQL API