Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

777 advisories

Loading
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document... Moderate Unreviewed
CVE-2024-35143 was published Aug 4, 2024
Navidrome uses MD5 hashing algorithm Moderate
CVE-2024-41259 was published for github.com/navidrome/navidrome (Go) Aug 1, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and... Moderate Unreviewed
CVE-2024-7079 was published Jul 24, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed
CVE-2024-39601 was published Jul 22, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network... Moderate Unreviewed
CVE-2024-6895 was published Jul 19, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed
CVE-2024-5910 was published Jul 10, 2024
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read,... Critical Unreviewed
CVE-2024-6422 was published Jul 10, 2024
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs.... Critical Unreviewed
CVE-2023-41918 was published Jul 2, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive... High Unreviewed
CVE-2024-31916 was published Jun 27, 2024
STRIMZI incorrect access control High
CVE-2024-36543 was published for io.strimzi:strimzi (Maven) Jun 17, 2024
Toshiba printers provides API without authentication for internal access. A local attacker can... High Unreviewed
CVE-2024-27169 was published Jun 14, 2024
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2024-5947 was published Jun 13, 2024
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability.... High Unreviewed
CVE-2024-5951 was published Jun 13, 2024
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2024-5952 was published Jun 13, 2024
Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import... High Unreviewed
CVE-2024-34800 was published Jun 10, 2024
Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller... High Unreviewed
CVE-2024-32752 was published Jun 6, 2024
IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40... Moderate Unreviewed
CVE-2024-22326 was published Jun 6, 2024
Unauthenticated Access to sensitive settings in Argo CD Moderate
CVE-2024-37152 was published for github.com/argoproj/argo-cd/v2/server (Go) Jun 6, 2024
moshikoHassan
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an... Moderate Unreviewed
CVE-2024-20391 was published May 15, 2024
When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the... High Unreviewed
CVE-2023-5935 was published May 15, 2024
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected... High Unreviewed
CVE-2024-27942 was published May 14, 2024
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel... Critical Unreviewed
CVE-2024-32735 was published May 14, 2024
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed
CVE-2024-2860 was published May 8, 2024
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2023-37325 was published May 8, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information... Moderate Unreviewed
CVE-2021-34983 was published May 8, 2024
ProTip! Advisories are also available from the GraphQL API