GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
204 advisories
Filter by severity
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs,...
Moderate
Unreviewed
CVE-2024-45229
was published
Sep 20, 2024
A missing authentication check in the WebSocket channel used for the Check Point IoT integration...
Moderate
Unreviewed
CVE-2023-5253
was published
Jan 15, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37991
was published
Sep 10, 2024
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart...
Moderate
Unreviewed
CVE-2023-25493
was published
Apr 5, 2024
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an...
Moderate
Unreviewed
CVE-2021-1246
was published
May 24, 2022
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8321
was published
Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8320
was published
Sep 10, 2024
Sensitive information disclosure and manipulation due to improper authentication. The following...
Moderate
Unreviewed
CVE-2023-44152
was published
Sep 27, 2023
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing...
Moderate
Unreviewed
CVE-2024-43272
was published
Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-38143
was published
Aug 13, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u...
Moderate
Unreviewed
CVE-2024-7154
was published
Jul 28, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network...
Moderate
Unreviewed
CVE-2024-6895
was published
Jul 19, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document...
Moderate
Unreviewed
CVE-2024-35143
was published
Aug 4, 2024
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue...
Moderate
Unreviewed
CVE-2022-38057
was published
Mar 25, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and...
Moderate
Unreviewed
CVE-2024-7079
was published
Jul 24, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information...
Moderate
Unreviewed
CVE-2021-34983
was published
May 8, 2024
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This...
Moderate
Unreviewed
CVE-2024-5952
was published
Jun 13, 2024
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure...
Moderate
Unreviewed
CVE-2024-5947
was published
Jun 13, 2024
Microsoft Bluetooth Driver Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-21306
was published
Jan 9, 2024
IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40...
Moderate
Unreviewed
CVE-2024-22326
was published
Jun 6, 2024
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe...
Moderate
Unreviewed
CVE-2024-30391
was published
Apr 12, 2024
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an...
Moderate
Unreviewed
CVE-2024-20391
was published
May 15, 2024
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows...
Moderate
Unreviewed
CVE-2023-37325
was published
May 8, 2024
UltraLog Express device management interface does not properly perform access authentication in...
Moderate
Unreviewed
CVE-2020-3920
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API