GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is... Moderate Unreviewed

CVE-2024-11049 was published Nov 10, 2024

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7... Moderate Unreviewed

CVE-2024-0456 was published Jan 26, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6... Moderate Unreviewed

CVE-2024-0861 was published Feb 22, 2024

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5,... Moderate Unreviewed

CVE-2023-4018 was published Sep 1, 2023

The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update... Moderate Unreviewed

CVE-2023-3426 was published Aug 2, 2023

A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web... Moderate Unreviewed

CVE-2023-45598 was published Mar 5, 2024

A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the... Moderate Unreviewed

CVE-2023-45596 was published Mar 5, 2024

Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information ... High Unreviewed

CVE-2018-16060 was published May 24, 2022

Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache... High Unreviewed

CVE-2024-45195 was published Sep 4, 2024

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been... Moderate Unreviewed

CVE-2024-7753 was published Aug 14, 2024

A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... Moderate Unreviewed

CVE-2023-44320 was published Nov 14, 2023

A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request... Critical Unreviewed

CVE-2024-33897 was published Aug 6, 2024

An improper authentication vulnerability affecting Vonets industrial wifi bridge relays... Moderate Unreviewed

CVE-2024-42001 was published Aug 12, 2024

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x.... Moderate Unreviewed

CVE-2024-6414 was published Jun 30, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed

CVE-2024-39868 was published Jul 9, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed

CVE-2024-39867 was published Jul 9, 2024

A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719.... Moderate Unreviewed

CVE-2024-7153 was published Jul 28, 2024

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared... Moderate Unreviewed

CVE-2024-7080 was published Jul 24, 2024

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic.... Moderate Unreviewed

CVE-2024-6188 was published Jun 20, 2024

A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230809. It... Moderate Unreviewed

CVE-2023-4544 was published Aug 26, 2023

Mautic uses predictable page indices for unpublished landing pages, their content can be accessed... Moderate Unreviewed

CVE-2024-2730 was published Apr 10, 2024

The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that... Moderate Unreviewed

CVE-2023-4800 was published Oct 16, 2023

JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a... Moderate Unreviewed

CVE-2015-1313 was published Jun 29, 2023

The Contour Service was not checking that users had permission to create an analysis for a given... Moderate Unreviewed

CVE-2023-22834 was published Jun 27, 2023

An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated... Moderate Unreviewed

CVE-2019-17503 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

110 advisories