GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
322 advisories
Filter by severity
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a...
High
Unreviewed
CVE-2024-42456
was published
Dec 4, 2024
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to...
High
Unreviewed
CVE-2024-53623
was published
Nov 30, 2024
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and...
High
Unreviewed
CVE-2024-50381
was published
Dec 2, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an...
High
Unreviewed
CVE-2024-49052
was published
Nov 26, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows...
High
Unreviewed
CVE-2024-40405
was published
Nov 14, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access...
High
Unreviewed
CVE-2024-40408
was published
Nov 14, 2024
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5718
was published
Nov 22, 2024
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5721
was published
Nov 22, 2024
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in...
High
Unreviewed
CVE-2024-3281
was published
Apr 9, 2024
Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows...
High
Unreviewed
CVE-2024-52438
was published
Nov 20, 2024
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System...
High
Unreviewed
CVE-2024-52437
was published
Nov 20, 2024
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a...
High
Unreviewed
CVE-2024-41969
was published
Nov 18, 2024
A low privileged remote attacker may modify the boot mode configuration setup of the device,...
High
Unreviewed
CVE-2024-41967
was published
Nov 18, 2024
Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL...
High
Unreviewed
CVE-2024-21146
was published
Jul 17, 2024
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require...
High
Unreviewed
CVE-2021-34543
was published
Dec 8, 2021
An unauthenticated attacker with access to the local network of the
medical office can query an...
High
Unreviewed
CVE-2024-50589
was published
Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting...
High
Unreviewed
CVE-2024-48953
was published
Nov 7, 2024
An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup...
High
Unreviewed
CVE-2024-48950
was published
Nov 7, 2024
Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access...
High
Unreviewed
CVE-2024-37767
was published
Jul 5, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token...
High
Unreviewed
CVE-2024-50488
was published
Oct 28, 2024
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows...
High
Unreviewed
CVE-2023-38379
was published
Jul 16, 2023
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access...
High
Unreviewed
CVE-2022-32503
was published
May 14, 2024
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions...
High
Unreviewed
CVE-2023-39981
was published
Sep 2, 2023
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and...
High
Unreviewed
CVE-2024-10002
was published
Oct 22, 2024
A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX...
High
Unreviewed
CVE-2022-23862
was published
Oct 22, 2024
ProTip!
Advisories are also available from the
GraphQL API