GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,156 advisories

Filter by severity

Sort by

Least recently updated

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an... High Unreviewed

CVE-2024-45148 was published Oct 10, 2024

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an... Critical Unreviewed

CVE-2024-45115 was published Oct 10, 2024

Windows Netlogon Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2024-38124 was published Oct 8, 2024

A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only... Critical Unreviewed

CVE-2024-41798 was published Oct 8, 2024

Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows... High Unreviewed

CVE-2024-43685 was published Oct 4, 2024

DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests. High Unreviewed

CVE-2024-41589 was published Oct 3, 2024

In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message... Moderate Unreviewed

CVE-2024-47127 was published Sep 26, 2024

The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker... High Unreviewed

CVE-2024-47125 was published Sep 26, 2024

An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN... High Unreviewed

CVE-2024-45750 was published Sep 25, 2024

A condition exists in FlashArray Purity whereby an attacker can employ a privileged account... Critical Unreviewed

CVE-2024-0002 was published Sep 23, 2024

An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows bypassing authentication. Critical Unreviewed

CVE-2024-47218 was published Sep 22, 2024

**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An... Critical Unreviewed

CVE-2024-34399 was published Sep 18, 2024

Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA... High Unreviewed

CVE-2024-41929 was published Sep 18, 2024

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication... Critical Unreviewed

CVE-2024-8956 was published Sep 17, 2024

An authentication issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed

CVE-2024-44202 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and... Moderate Unreviewed

CVE-2024-44127 was published Sep 17, 2024

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication... High Unreviewed

CVE-2024-45113 was published Sep 13, 2024

CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product.... Critical Unreviewed

CVE-2024-45823 was published Sep 12, 2024

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-38225 was published Sep 10, 2024

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function. Critical Unreviewed

CVE-2023-37226 was published Sep 10, 2024

A vulnerability that allows a user who has been assigned a low-privileged role within Veeam... High Unreviewed

CVE-2024-40713 was published Sep 7, 2024

An improper authentication vulnerability has been reported to affect Music Station. If exploited,... Moderate Unreviewed

CVE-2023-45038 was published Sep 6, 2024

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs... Moderate Unreviewed

CVE-2024-5957 was published Sep 5, 2024

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain... Moderate Unreviewed

CVE-2024-5956 was published Sep 5, 2024

ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The... Moderate Unreviewed

CVE-2024-44821 was published Sep 4, 2024

Previous 1 2 3 4 5 … 126 127 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,156 advisories