Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

330 advisories

Loading
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
Locally installed application can bypass the permission check and perform system operations that... High Unreviewed
CVE-2021-26280 was published Dec 17, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful... High Unreviewed
CVE-2022-48621 was published Feb 18, 2024
Lua apps can be deployed, removed, started, reloaded or stopped without authorization via... High Unreviewed
CVE-2024-10776 was published Dec 6, 2024
Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of... High Unreviewed
CVE-2024-10774 was published Dec 6, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting... High Unreviewed
CVE-2024-42455 was published Dec 4, 2024
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a... High Unreviewed
CVE-2024-42456 was published Dec 4, 2024
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to... High Unreviewed
CVE-2024-53623 was published Nov 30, 2024
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and... High Unreviewed
CVE-2024-50381 was published Dec 2, 2024
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an... High Unreviewed
CVE-2024-49052 was published Nov 26, 2024
Incorrect access control in Cybele Software Thinfinity Workspace before v7.0.3.109 allows... High Unreviewed
CVE-2024-40405 was published Nov 14, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... High Unreviewed
CVE-2024-40408 was published Nov 14, 2024
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-5718 was published Nov 22, 2024
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-5721 was published Nov 22, 2024
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in... High Unreviewed
CVE-2024-3281 was published Apr 9, 2024
Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System... High Unreviewed
CVE-2024-52437 was published Nov 20, 2024
Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows... High Unreviewed
CVE-2024-52438 was published Nov 20, 2024
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a... High Unreviewed
CVE-2024-41969 was published Nov 18, 2024
A low privileged remote attacker may modify the boot mode configuration setup of the device,... High Unreviewed
CVE-2024-41967 was published Nov 18, 2024
Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL... High Unreviewed
CVE-2024-21146 was published Jul 17, 2024
The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require... High Unreviewed
CVE-2021-34543 was published Dec 8, 2021
An unauthenticated attacker with access to the local network of the medical office can query an... High Unreviewed
CVE-2024-50589 was published Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting... High Unreviewed
CVE-2024-48953 was published Nov 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database