Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

876 advisories

Loading
Admin authentication can be bypassed with some specific invalid credentials, which allows logging... Moderate Unreviewed
CVE-2024-33616 was published Nov 26, 2024
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful... High Unreviewed
CVE-2022-48621 was published Feb 18, 2024
Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of... High Unreviewed
CVE-2024-10774 was published Dec 6, 2024
Lua apps can be deployed, removed, started, reloaded or stopped without authorization via... High Unreviewed
CVE-2024-10776 was published Dec 6, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting... High Unreviewed
CVE-2024-42455 was published Dec 4, 2024
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a... High Unreviewed
CVE-2024-42456 was published Dec 4, 2024
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to... High Unreviewed
CVE-2024-53623 was published Nov 30, 2024
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and... High Unreviewed
CVE-2024-50381 was published Dec 2, 2024
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated... Critical Unreviewed
CVE-2024-0012 was published Nov 18, 2024
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed
CVE-2023-42793 was published Sep 19, 2023
Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication... Critical Unreviewed
CVE-2024-11980 was published Nov 29, 2024
Multiple FCNT Android devices provide the original security features such as "privacy mode" where... Low Unreviewed
CVE-2024-53701 was published Nov 29, 2024
Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without... Moderate Unreviewed
CVE-2024-39707 was published Nov 15, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed
CVE-2024-5910 was published Jul 10, 2024
STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and... Critical Unreviewed
CVE-2023-35830 was published Jun 29, 2023
An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message... Moderate Unreviewed
CVE-2023-34761 was published Jun 28, 2023
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed
CVE-2019-17082 was published Nov 26, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed
CVE-2024-49052 was published Nov 26, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... Critical Unreviewed
CVE-2024-40404 was published Nov 14, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows... High Unreviewed
CVE-2024-40405 was published Nov 14, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... High Unreviewed
CVE-2024-40408 was published Nov 14, 2024
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An... Critical Unreviewed
CVE-2023-28461 was published Mar 16, 2023
Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed
CVE-2020-12492 was published Nov 25, 2024
Improper control of framework service permissions with possibility of some sensitive device... Moderate Unreviewed
CVE-2020-12491 was published Nov 25, 2024
The administrative interface listens by default on all interfaces on a TCP port and does not... Critical Unreviewed
CVE-2024-47138 was published Nov 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database