GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,787
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,016
Maven 5,202
npm 3,721
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,241

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,033 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in Quay, which allows successful authentication even when a truncated... Moderate Unreviewed

CVE-2024-9683 was published Oct 17, 2024

A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software,... Moderate Unreviewed

CVE-2019-1980 was published May 24, 2022

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2024-11671 was published Nov 25, 2024

IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead... Moderate Unreviewed

CVE-2022-33862 was published Nov 25, 2024

A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC,... Moderate Unreviewed

CVE-2021-22764 was published May 24, 2022

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed

CVE-2023-40660 was published Nov 6, 2023

A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an... Moderate Unreviewed

CVE-2024-11209 was published Nov 14, 2024

A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed

CVE-2024-10963 was published Nov 7, 2024

A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-10620 was published Nov 1, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-10173 was published Oct 20, 2024

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty... Moderate Unreviewed

CVE-2023-2975 was published Jul 14, 2023

Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue... Moderate Unreviewed

CVE-2021-39119 was published May 24, 2022

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could... Moderate Unreviewed

CVE-2024-23806 was published Feb 7, 2024

Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira... Moderate Unreviewed

CVE-2021-41309 was published Dec 9, 2021

In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message... Moderate Unreviewed

CVE-2024-47127 was published Sep 26, 2024

An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,... Moderate Unreviewed

CVE-2023-3362 was published Jul 13, 2023

An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed

CVE-2024-1347 was published Apr 25, 2024

Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of... Moderate Unreviewed

CVE-2023-39215 was published Sep 12, 2023

Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure... Moderate Unreviewed

CVE-2024-24698 was published Feb 14, 2024

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker... Moderate Unreviewed

CVE-2023-36926 was published Aug 8, 2023

Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated... Moderate Unreviewed

CVE-2023-49646 was published Dec 14, 2023

Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation... Moderate Unreviewed

CVE-2023-43582 was published Nov 15, 2023

An authentication issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed

CVE-2024-44202 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and... Moderate Unreviewed

CVE-2024-44127 was published Sep 17, 2024

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,033 advisories