GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
305 advisories
Filter by severity
The administrative interface listens by default on all interfaces on a TCP port and does not...
Critical
Unreviewed
CVE-2024-47138
was published
Nov 23, 2024
A missing authentication for critical function vulnerability has been reported to affect Notes...
Critical
Unreviewed
CVE-2024-38643
was published
Nov 22, 2024
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated...
Critical
Unreviewed
CVE-2024-0012
was published
Nov 18, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-10924
was published
Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical
Unreviewed
CVE-2024-48966
was published
Nov 15, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows...
Critical
Unreviewed
CVE-2024-51567
was published
Oct 30, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Realty Workstation...
Critical
Unreviewed
CVE-2024-50489
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API...
Critical
Unreviewed
CVE-2024-50487
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API...
Critical
Unreviewed
CVE-2024-50486
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile...
Critical
Unreviewed
CVE-2024-50477
was published
Oct 28, 2024
CVE-2024-10386 IMPACT
An authentication
vulnerability exists in the affected product. The...
Critical
Unreviewed
CVE-2024-10386
was published
Oct 25, 2024
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an...
Critical
Unreviewed
CVE-2024-47406
was published
Oct 25, 2024
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through...
Critical
Unreviewed
CVE-2024-47575
was published
Oct 23, 2024
An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-26519
was published
Oct 23, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of...
Critical
Unreviewed
CVE-2024-40087
was published
Oct 21, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple...
Critical
Unreviewed
CVE-2024-49604
was published
Oct 20, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST...
Critical
Unreviewed
CVE-2024-49328
was published
Oct 20, 2024
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing...
Critical
Unreviewed
CVE-2024-45274
was published
Oct 15, 2024
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality,...
Critical
Unreviewed
CVE-2024-9984
was published
Oct 15, 2024
An issue was discovered in GitLab EE affecting all versions starting from 12.5 prior to 17.2.9,...
Critical
Unreviewed
CVE-2024-9164
was published
Oct 11, 2024
TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS...
Critical
Unreviewed
CVE-2024-41988
was published
Oct 3, 2024
An unauthenticated remote attacker may use a missing authentication for critical function...
Critical
Unreviewed
CVE-2024-35293
was published
Oct 2, 2024
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2024-9289
was published
Oct 1, 2024
An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web...
Critical
Unreviewed
CVE-2024-42017
was published
Sep 30, 2024
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control....
Critical
Unreviewed
CVE-2024-46293
was published
Sep 30, 2024
ProTip!
Advisories are also available from the
GraphQL API