GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
231 advisories
Filter by severity
Admin authentication can be bypassed with some specific invalid credentials, which allows logging...
Moderate
Unreviewed
CVE-2024-33616
was published
Nov 26, 2024
Improper control of framework service permissions with possibility of some sensitive device...
Moderate
Unreviewed
CVE-2020-12491
was published
Nov 25, 2024
Missing authentication for critical function vulnerability exists in Rakuten Turbo 5G firmware...
Moderate
Unreviewed
CVE-2024-47865
was published
Nov 20, 2024
A low privileged remote attacker may modify the docker settings setup of the device, leading to a...
Moderate
Unreviewed
CVE-2024-41968
was published
Nov 18, 2024
Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without...
Moderate
Unreviewed
CVE-2024-39707
was published
Nov 15, 2024
A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4...
Moderate
Unreviewed
CVE-2024-26011
was published
Nov 12, 2024
An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate...
Moderate
Unreviewed
CVE-2024-48952
was published
Nov 7, 2024
The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable to an information disclosure issue...
Moderate
Unreviewed
CVE-2024-51362
was published
Nov 5, 2024
The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9430
was published
Oct 31, 2024
Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA...
Moderate
Unreviewed
CVE-2024-48442
was published
Oct 24, 2024
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2...
Moderate
Unreviewed
CVE-2024-47902
was published
Oct 23, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa webserver, which allows...
Moderate
Unreviewed
CVE-2024-40091
was published
Oct 21, 2024
CWE-306: Missing Authentication for Critical Function vulnerability exists that could
cause...
Moderate
Unreviewed
CVE-2024-8530
was published
Oct 11, 2024
An unauthenticated remote attacker may use the devices traffic capture without authentication to...
Moderate
Unreviewed
CVE-2024-35294
was published
Oct 2, 2024
Missing authentication for critical function vulnerability in proxy settings functionality in...
Moderate
Unreviewed
CVE-2023-52949
was published
Sep 26, 2024
Missing authentication for critical function vulnerability in logout functionality in Synology...
Moderate
Unreviewed
CVE-2023-52947
was published
Sep 26, 2024
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs,...
Moderate
Unreviewed
CVE-2024-45229
was published
Sep 20, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8320
was published
Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8321
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37991
was published
Sep 10, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing...
Moderate
Unreviewed
CVE-2024-43272
was published
Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-38143
was published
Aug 13, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document...
Moderate
Unreviewed
CVE-2024-35143
was published
Aug 4, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u...
Moderate
Unreviewed
CVE-2024-7154
was published
Jul 28, 2024
ProTip!
Advisories are also available from the
GraphQL API