Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

230 advisories

Loading
Improper control of framework service permissions with possibility of some sensitive device... Moderate Unreviewed
CVE-2020-12491 was published Nov 25, 2024
Missing authentication for critical function vulnerability exists in Rakuten Turbo 5G firmware... Moderate Unreviewed
CVE-2024-47865 was published Nov 20, 2024
A low privileged remote attacker may modify the docker settings setup of the device, leading to a... Moderate Unreviewed
CVE-2024-41968 was published Nov 18, 2024
Insyde IHISI function 0x49 can restore factory defaults for certain UEFI variables without... Moderate Unreviewed
CVE-2024-39707 was published Nov 15, 2024
A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4... Moderate Unreviewed
CVE-2024-26011 was published Nov 12, 2024
An issue was discovered in Logpoint before 7.5.0. SOAR uses a static JWT secret key to generate... Moderate Unreviewed
CVE-2024-48952 was published Nov 7, 2024
The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable to an information disclosure issue... Moderate Unreviewed
CVE-2024-51362 was published Nov 5, 2024
The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is... Moderate Unreviewed
CVE-2024-9430 was published Oct 31, 2024
Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA... Moderate Unreviewed
CVE-2024-48442 was published Oct 24, 2024
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2... Moderate Unreviewed
CVE-2024-47902 was published Oct 23, 2024
Vilo 5 Mesh WiFi System <= 5.16.1.33 lacks authentication in the Boa webserver, which allows... Moderate Unreviewed
CVE-2024-40091 was published Oct 21, 2024
CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-8530 was published Oct 11, 2024
An unauthenticated remote attacker may use the devices traffic capture without authentication to... Moderate Unreviewed
CVE-2024-35294 was published Oct 2, 2024
Missing authentication for critical function vulnerability in proxy settings functionality in... Moderate Unreviewed
CVE-2023-52949 was published Sep 26, 2024
Missing authentication for critical function vulnerability in logout functionality in Synology... Moderate Unreviewed
CVE-2023-52947 was published Sep 26, 2024
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs,... Moderate Unreviewed
CVE-2024-45229 was published Sep 20, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September... Moderate Unreviewed
CVE-2024-8321 was published Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September... Moderate Unreviewed
CVE-2024-8320 was published Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Moderate Unreviewed
CVE-2024-37991 was published Sep 10, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive... Moderate Unreviewed
CVE-2024-35151 was published Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing... Moderate Unreviewed
CVE-2024-43272 was published Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-38143 was published Aug 13, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document... Moderate Unreviewed
CVE-2024-35143 was published Aug 4, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u... Moderate Unreviewed
CVE-2024-7154 was published Jul 28, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and... Moderate Unreviewed
CVE-2024-7079 was published Jul 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database