Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

906 advisories

Loading
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions... High Unreviewed
CVE-2023-39981 was published Sep 2, 2023
An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web... Critical Unreviewed
CVE-2024-42017 was published Sep 30, 2024
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access... High Unreviewed
CVE-2022-32503 was published May 14, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API... Critical Unreviewed
CVE-2024-50486 was published Oct 28, 2024
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows... High Unreviewed
CVE-2023-38379 was published Jul 16, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API... Critical Unreviewed
CVE-2024-50487 was published Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile... Critical Unreviewed
CVE-2024-50477 was published Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Realty Workstation... Critical Unreviewed
CVE-2024-50489 was published Oct 28, 2024
The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is... Moderate Unreviewed
CVE-2024-9430 was published Oct 31, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token... High Unreviewed
CVE-2024-50488 was published Oct 28, 2024
A user with device administrative privileges can change existing SMTP server settings on the... Moderate Unreviewed
CVE-2024-5143 was published May 23, 2024
Lunary Improper Authentication vulnerability High
CVE-2024-6582 was published for lunary (npm) Sep 13, 2024
In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)... Critical Unreviewed
CVE-2022-31266 was published Jun 30, 2022
There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure... Low Unreviewed
CVE-2024-3219 was published Jul 30, 2024
Internet passwords stored in Person documents in the Domino® Directory created using the "Add... Moderate Unreviewed
CVE-2023-37495 was published Feb 29, 2024
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an... Critical Unreviewed
CVE-2024-47406 was published Oct 25, 2024
The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable to an information disclosure issue... Moderate Unreviewed
CVE-2024-51362 was published Nov 5, 2024
Improper access control in PAM vault permissions in Devolutions Server 2024.1.6 and earlier... Critical Unreviewed
CVE-2024-2921 was published Mar 26, 2024
Improper authentication vulnerability in exists in multiple printers and scanners which implement... Moderate Unreviewed
CVE-2024-21824 was published Mar 18, 2024
Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access... High Unreviewed
CVE-2024-37767 was published Jul 5, 2024
An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate... Moderate Unreviewed
CVE-2024-48952 was published Nov 7, 2024
An issue was discovered in Logpoint before 7.5.0. An endpoint used by Distributed Logpoint Setup... High Unreviewed
CVE-2024-48950 was published Nov 7, 2024
An issue was discovered in Logpoint before 7.5.0. Endpoints for creating, editing, or deleting... High Unreviewed
CVE-2024-48953 was published Nov 7, 2024
An unauthenticated attacker with access to the local network of the medical office can query an... High Unreviewed
CVE-2024-50589 was published Nov 8, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed
CVE-2024-5910 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database