GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

165 advisories

Filter by severity

Sort by

Least recently updated

As a default user on a multi-user instance of AnythingLLM, you could execute a call to the `... Critical Unreviewed

CVE-2024-0765 was published Mar 3, 2024

** UNSUPPORTED WHEN ASSIGNED ** Exposure of Sensitive Information to an Unauthorized Actor... Critical Unreviewed

CVE-2024-27905 was published Feb 27, 2024

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary... Critical Unreviewed

CVE-2023-6248 was published Nov 22, 2023

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1.... Critical Unreviewed

CVE-2023-49103 was published Nov 22, 2023

A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with... Critical Unreviewed

CVE-2023-39337 was published Nov 15, 2023

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive... Critical Unreviewed

CVE-2023-5576 was published Oct 20, 2023

Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to... Critical Unreviewed

CVE-2023-5642 was published Oct 18, 2023

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,... Critical Unreviewed

CVE-2023-40622 was published Sep 13, 2023

Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which... Critical Unreviewed

CVE-2023-0925 was published Sep 6, 2023

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform ... Critical Unreviewed

CVE-2023-28765 was published Jul 6, 2023

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker... Critical Unreviewed

CVE-2023-24838 was published Jul 6, 2023

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability... Critical Unreviewed

CVE-2022-48510 was published Jul 6, 2023

Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed

CVE-2021-46891 was published Jul 5, 2023

Key management vulnerability on system. Successful exploitation of this vulnerability may affect... Critical Unreviewed

CVE-2023-3455 was published Jul 5, 2023

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM... Critical Unreviewed

CVE-2023-32113 was published May 9, 2023

Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to... Critical Unreviewed

CVE-2023-0321 was published Jan 26, 2023

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (... Critical Unreviewed

CVE-2022-32221 was published Dec 6, 2022

A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not... Critical Unreviewed

CVE-2021-3688 was published Aug 27, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can... Critical Unreviewed

CVE-2021-30168 was published May 24, 2022

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive... Critical Unreviewed

CVE-2015-0152 was published May 24, 2022

admin/user_import.php in Chamilo 1.11.14 reads XML data without disabling the ability to load... Critical Unreviewed

CVE-2021-32925 was published May 24, 2022

best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an... Critical Unreviewed

CVE-2020-28199 was published May 24, 2022

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during... Critical Unreviewed

CVE-2020-25179 was published May 24, 2022

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile... Critical Unreviewed

CVE-2020-27134 was published May 24, 2022

In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take... Critical Unreviewed

CVE-2020-26167 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

165 advisories