GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
954 advisories
Filter by severity
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API...
Critical
Unreviewed
CVE-2024-50486
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile...
Critical
Unreviewed
CVE-2024-50477
was published
Oct 28, 2024
CVE-2024-10386 IMPACT
An authentication
vulnerability exists in the affected product. The...
Critical
Unreviewed
CVE-2024-10386
was published
Oct 25, 2024
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an...
Critical
Unreviewed
CVE-2024-47406
was published
Oct 25, 2024
Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA...
Moderate
Unreviewed
CVE-2024-48442
was published
Oct 24, 2024
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through...
Critical
Unreviewed
CVE-2024-47575
was published
Oct 23, 2024
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2...
Moderate
Unreviewed
CVE-2024-47902
was published
Oct 23, 2024
An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-26519
was published
Oct 23, 2024
A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX...
High
Unreviewed
CVE-2022-23862
was published
Oct 22, 2024
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and...
High
Unreviewed
CVE-2024-10002
was published
Oct 22, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of...
Critical
Unreviewed
CVE-2024-40087
was published
Oct 21, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa webserver, which allows...
Moderate
Unreviewed
CVE-2024-40091
was published
Oct 21, 2024
A vulnerability in the AWV (Audio, Web, and Video) Conferencing component of Mitel MiCollab...
High
Unreviewed
CVE-2024-47912
was published
Oct 21, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple...
Critical
Unreviewed
CVE-2024-49604
was published
Oct 20, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST...
Critical
Unreviewed
CVE-2024-49328
was published
Oct 20, 2024
The affected product is vulnerable to an attacker being able to use commands without providing a...
High
Unreviewed
CVE-2024-49399
was published
Oct 17, 2024
Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1...
High
Unreviewed
CVE-2024-23783
was published
Oct 17, 2024
BIG-IP monitor functionality may allow an attacker to bypass access control restrictions,...
High
Unreviewed
CVE-2024-45844
was published
Oct 16, 2024
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP...
High
Unreviewed
CVE-2024-5749
was published
Oct 15, 2024
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing...
Critical
Unreviewed
CVE-2024-45274
was published
Oct 15, 2024
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to...
High
Unreviewed
CVE-2024-45276
was published
Oct 15, 2024
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality,...
Critical
Unreviewed
CVE-2024-9984
was published
Oct 15, 2024
The affected product lacks an authentication check when sending commands to the server via the...
High
Unreviewed
CVE-2024-9137
was published
Oct 14, 2024
LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-48777
was published
Oct 11, 2024
An issue in almaodo GmbH appinventor.ai_google.almando_control 2.3.1 allows a remote attacker to...
High
Unreviewed
CVE-2024-48768
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API