GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,198

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

332 advisories

Filter by severity

Sort by

Least recently updated

In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP... Critical Unreviewed

CVE-2024-12106 was published Dec 31, 2024

A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A... Critical Unreviewed

CVE-2024-21855 was published Dec 20, 2024

An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted... Critical Unreviewed

CVE-2024-54984 was published Dec 20, 2024

An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a... Critical Unreviewed

CVE-2024-54983 was published Dec 20, 2024

An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass... Critical Unreviewed

CVE-2024-54982 was published Dec 20, 2024

A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This... Critical Unreviewed

CVE-2024-12371 was published Dec 18, 2024

Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops... Critical Unreviewed

CVE-2024-10205 was published Dec 17, 2024

Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication... Critical Unreviewed

CVE-2024-11980 was published Nov 29, 2024

Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed

CVE-2019-17082 was published Nov 26, 2024

The administrative interface listens by default on all interfaces on a TCP port and does not... Critical Unreviewed

CVE-2024-47138 was published Nov 23, 2024

A missing authentication for critical function vulnerability has been reported to affect Notes... Critical Unreviewed

CVE-2024-38643 was published Nov 22, 2024

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated... Critical Unreviewed

CVE-2024-0012 was published Nov 18, 2024

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to... Critical Unreviewed

CVE-2024-10924 was published Nov 15, 2024

The software tools used by service personnel to test & calibrate the ventilator do not support... Critical Unreviewed

CVE-2024-48966 was published Nov 15, 2024

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access... Critical Unreviewed

CVE-2024-40404 was published Nov 14, 2024

upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows... Critical Unreviewed

CVE-2024-51567 was published Oct 30, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Realty Workstation... Critical Unreviewed

CVE-2024-50489 was published Oct 28, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API... Critical Unreviewed

CVE-2024-50487 was published Oct 28, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API... Critical Unreviewed

CVE-2024-50486 was published Oct 28, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile... Critical Unreviewed

CVE-2024-50477 was published Oct 28, 2024

CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. The... Critical Unreviewed

CVE-2024-10386 was published Oct 25, 2024

Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an... Critical Unreviewed

CVE-2024-47406 was published Oct 25, 2024

A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through... Critical Unreviewed

CVE-2024-47575 was published Oct 23, 2024

An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute... Critical Unreviewed

CVE-2024-26519 was published Oct 23, 2024

Vilo 5 Mesh WiFi System <= 5.16.1.33 is vulnerable to Insecure Permissions. Lack of... Critical Unreviewed

CVE-2024-40087 was published Oct 21, 2024

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

332 advisories