GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
872 advisories
Filter by severity
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a...
High
Unreviewed
CVE-2024-42456
was published
Dec 4, 2024
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and...
High
Unreviewed
CVE-2024-50381
was published
Dec 2, 2024
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to...
High
Unreviewed
CVE-2024-53623
was published
Nov 30, 2024
Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication...
Critical
Unreviewed
CVE-2024-11980
was published
Nov 29, 2024
Multiple FCNT Android devices provide the original security features such as "privacy mode" where...
Low
Unreviewed
CVE-2024-53701
was published
Nov 29, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an...
High
Unreviewed
CVE-2024-49052
was published
Nov 26, 2024
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP...
Critical
Unreviewed
CVE-2019-17082
was published
Nov 26, 2024
Improper handling of WiFi information by framework services can allow certain malicious...
Low
Unreviewed
CVE-2020-12492
was published
Nov 25, 2024
Improper control of framework service permissions with possibility of some sensitive device...
Moderate
Unreviewed
CVE-2020-12491
was published
Nov 25, 2024
The administrative interface listens by default on all interfaces on a TCP port and does not...
Critical
Unreviewed
CVE-2024-47138
was published
Nov 23, 2024
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5718
was published
Nov 22, 2024
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5721
was published
Nov 22, 2024
A missing authentication for critical function vulnerability has been reported to affect Notes...
Critical
Unreviewed
CVE-2024-38643
was published
Nov 22, 2024
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System...
High
Unreviewed
CVE-2024-52437
was published
Nov 20, 2024
Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows...
High
Unreviewed
CVE-2024-52438
was published
Nov 20, 2024
Missing authentication for critical function vulnerability exists in Rakuten Turbo 5G firmware...
Moderate
Unreviewed
CVE-2024-47865
was published
Nov 20, 2024
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated...
Critical
Unreviewed
CVE-2024-0012
was published
Nov 18, 2024
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a...
High
Unreviewed
CVE-2024-41969
was published
Nov 18, 2024
A low privileged remote attacker may modify the docker settings setup of the device, leading to a...
Moderate
Unreviewed
CVE-2024-41968
was published
Nov 18, 2024
A low privileged remote attacker may modify the boot mode configuration setup of the device,...
High
Unreviewed
CVE-2024-41967
was published
Nov 18, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-10924
was published
Nov 15, 2024
Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without...
Moderate
Unreviewed
CVE-2024-39707
was published
Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical
Unreviewed
CVE-2024-48966
was published
Nov 15, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access...
Critical
Unreviewed
CVE-2024-40404
was published
Nov 14, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows...
High
Unreviewed
CVE-2024-40405
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API