Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

95,358 advisories

Loading
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in... High Unreviewed
CVE-2024-6522 was published Aug 7, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy... High Unreviewed
CVE-2024-7266 was published Aug 7, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy... High Unreviewed
CVE-2024-7265 was published Aug 7, 2024
electron-updater Code Signing Bypass on Windows High
CVE-2024-39698 was published for electron-updater (npm) Jul 9, 2024
mmaietta thomas-chauchefoin-bentley-systems
eb-bsi
An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared... High Unreviewed
CVE-2024-5290 was published Aug 7, 2024
Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote... High Unreviewed
CVE-2024-36132 was published Aug 7, 2024
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an... High Unreviewed
CVE-2024-36131 was published Aug 7, 2024
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard... High Unreviewed
CVE-2017-12741 was published May 13, 2022
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been classified as... High Unreviewed
CVE-2024-7157 was published Jul 28, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been declared as... High Unreviewed
CVE-2024-7178 was published Jul 29, 2024
A vulnerability classified as critical has been found in TOTOLINK A3600R 4.1.2cu.5182_B20201102.... High Unreviewed
CVE-2024-7180 was published Jul 29, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK A3600R 4.1.2cu... High Unreviewed
CVE-2024-7173 was published Jul 29, 2024
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102.... High Unreviewed
CVE-2024-7172 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102 and classified as critical.... High Unreviewed
CVE-2024-7176 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as... High Unreviewed
CVE-2024-7179 was published Jul 29, 2024
A validated user not explicitly authorized to have access to certain sensitive information could... High Unreviewed
CVE-2023-40159 was published Jul 18, 2024
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C... High Unreviewed
CVE-2024-0912 was published Jun 6, 2024
Philips Vue PACS uses default credentials for potentially critical functionality. High Unreviewed
CVE-2023-40704 was published Jul 18, 2024
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... High Unreviewed
CVE-2024-21586 was published Jul 1, 2024
Apache StreamPipes has potential remote code execution (RCE) via file upload High
CVE-2024-31411 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
Snipe-IT allows users to promote or demote themselves or other users High
CVE-2024-5685 was published for snipe/snipe-it (Composer) Jun 14, 2024
Directus Allows Single Sign-On User Enumeration High
CVE-2024-39896 was published for directus (npm) Jul 8, 2024
AdGuardHome privilege escalation vulnerability High
CVE-2024-36586 was published for github.com/AdguardTeam/AdGuardHome (Go) Jun 13, 2024
Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' High
CVE-2023-32194 was published for github.com/rancher/rancher (Go) Feb 8, 2024
Rancher 'Audit Log' leaks sensitive information High
CVE-2023-22649 was published for github.com/rancher/rancher (Go) Feb 8, 2024
ProTip! Advisories are also available from the GraphQL API