GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
66 advisories
Filter by severity
In the development options section of the Settings app, there is a possible authentication bypass...
High
Unreviewed
CVE-2018-9477
was published
Nov 20, 2024
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service...
High
Unreviewed
CVE-2024-22066
was published
Oct 29, 2024
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay.
High
Unreviewed
CVE-2024-46041
was published
Oct 7, 2024
The session hijacking attack targets the application layer's control mechanism, which manages...
High
Unreviewed
CVE-2024-43099
was published
Sep 13, 2024
An attacker with local access to machine where MicroSCADA X
SYS600 is installed, could enable the...
High
Unreviewed
CVE-2024-3982
was published
Aug 27, 2024
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and...
High
Unreviewed
CVE-2024-38890
was published
Aug 2, 2024
There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file...
High
Unreviewed
CVE-2024-38272
was published
Jun 26, 2024
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass
High
CVE-2024-34065
was published
for
@strapi/plugin-users-permissions
(npm)
Jun 12, 2024
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise...
High
Unreviewed
CVE-2024-29851
was published
May 23, 2024
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
High
Unreviewed
CVE-2024-29850
was published
May 23, 2024
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to...
High
Unreviewed
CVE-2023-46892
was published
Jan 23, 2024
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3...
High
Unreviewed
CVE-2022-46480
was published
Dec 5, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X...
High
Unreviewed
CVE-2023-39547
was published
Nov 17, 2023
Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation
High
CVE-2023-41890
was published
for
Kentor.AuthServices
(NuGet)
Sep 20, 2023
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in...
High
Unreviewed
CVE-2023-20900
was published
Aug 31, 2023
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation...
High
Unreviewed
CVE-2023-34625
was published
Jul 20, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an...
High
Unreviewed
CVE-2022-25836
was published
Jul 6, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an...
High
Unreviewed
CVE-2022-25837
was published
Jul 6, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful...
High
Unreviewed
CVE-2022-48507
was published
Jul 6, 2023
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access...
High
Unreviewed
CVE-2023-31763
was published
May 24, 2023
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows...
High
Unreviewed
CVE-2023-31762
was published
May 24, 2023
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full...
High
Unreviewed
CVE-2023-31759
was published
May 24, 2023
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows...
High
Unreviewed
CVE-2023-31761
was published
May 24, 2023
thorsten/phpmyfaq vulnerable to authentication bypass
High
CVE-2023-1886
was published
for
thorsten/phpmyfaq
(Composer)
Apr 5, 2023
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an...
High
Unreviewed
CVE-2023-0036
was published
Jan 9, 2023
ProTip!
Advisories are also available from the
GraphQL API