GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
110 advisories
Filter by severity
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is...
Moderate
Unreviewed
CVE-2024-11049
was published
Nov 10, 2024
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz.
This issue affects Apache...
High
Unreviewed
CVE-2024-45195
was published
Sep 4, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7753
was published
Aug 14, 2024
An improper authentication vulnerability affecting Vonets
industrial wifi bridge relays...
Moderate
Unreviewed
CVE-2024-42001
was published
Aug 12, 2024
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request...
Critical
Unreviewed
CVE-2024-33897
was published
Aug 6, 2024
A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719....
Moderate
Unreviewed
CVE-2024-7153
was published
Jul 28, 2024
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2024-7080
was published
Jul 24, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39868
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39867
was published
Jul 9, 2024
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
Moderate
Unreviewed
CVE-2024-6414
was published
Jun 30, 2024
A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic....
Moderate
Unreviewed
CVE-2024-6188
was published
Jun 20, 2024
Mautic uses predictable page indices for unpublished landing pages, their content can be accessed...
Moderate
Unreviewed
CVE-2024-2730
was published
Apr 10, 2024
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web...
Moderate
Unreviewed
CVE-2023-45598
was published
Mar 5, 2024
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the...
Moderate
Unreviewed
CVE-2023-45596
was published
Mar 5, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6...
Moderate
Unreviewed
CVE-2024-0861
was published
Feb 22, 2024
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive...
Moderate
Unreviewed
CVE-2023-46186
was published
Feb 14, 2024
Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML...
Critical
Unreviewed
CVE-2024-24592
was published
Feb 6, 2024
IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may...
Moderate
Unreviewed
CVE-2023-50935
was published
Feb 2, 2024
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate
Unreviewed
CVE-2024-0456
was published
Jan 26, 2024
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to...
Critical
Unreviewed
CVE-2024-0204
was published
Jan 22, 2024
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Moderate
Unreviewed
CVE-2023-44320
was published
Nov 14, 2023
A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as...
Moderate
Unreviewed
CVE-2023-5786
was published
Oct 26, 2023
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic....
Moderate
Unreviewed
CVE-2023-5702
was published
Oct 23, 2023
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that...
Moderate
Unreviewed
CVE-2023-4800
was published
Oct 16, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5,...
Moderate
Unreviewed
CVE-2023-4018
was published
Sep 1, 2023
ProTip!
Advisories are also available from the
GraphQL API