Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,152
Erlang
30
GitHub Actions
19
Go
1,956
Maven
5,000+
npm
3,692
NuGet
652
pip
3,308
Pub
11
RubyGems
881
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,170 advisories

Loading
The Bookster WordPress plugin through 1.1.0 allows adding sensitive parameters when validating... Moderate Unreviewed
CVE-2024-5071 was published Jun 26, 2024
OpenNMS privilege escalation vulnerability Moderate
CVE-2023-40315 was published for org.opennms:opennms-webapp-rest (Maven) Aug 17, 2023
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed
CVE-2024-45260 was published Oct 24, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed
CVE-2024-45261 was published Oct 24, 2024
An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can... Moderate Unreviewed
CVE-2023-35836 was published Jan 24, 2024
Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an... High Unreviewed
CVE-2024-2915 was published Mar 26, 2024
An issue in Advanced Plugins reportsstatistics v1.3.20 and before allows a remote attacker to... Critical Unreviewed
CVE-2024-28394 was published Mar 20, 2024
Broken access control in the component /admin/management/users of School Fees Management System... High Unreviewed
CVE-2023-49982 was published Mar 21, 2024
The Chef Habitat builder-api on-prem-builder package  with any version lower than habitat/builder... Moderate Unreviewed
CVE-2024-9825 was published Oct 28, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2023-42860 was published Feb 21, 2024
An improper authorization vulnerability exists where an authenticated, low privileged remote... Moderate Unreviewed
CVE-2023-3253 was published Aug 29, 2023
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are... High Unreviewed
CVE-2023-46992 was published Oct 31, 2023
Privilege Escalation in Channelmgnt plug-in for Sopel Moderate
CVE-2020-15251 was published for sopel-plugins-channelmgnt (pip) Oct 13, 2020
RhinosF1
A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions... Moderate Unreviewed
CVE-2023-4227 was published Aug 24, 2023
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication... High Unreviewed
CVE-2023-33237 was published Aug 17, 2023
Salt's PAM auth fails to reject locked accounts High
CVE-2022-22967 was published for salt (pip) Jun 25, 2022
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass... Moderate Unreviewed
CVE-2024-49208 was published Oct 22, 2024
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass... Moderate Unreviewed
CVE-2024-49209 was published Oct 22, 2024
There is a possible Local bypass of user interaction due to an insecure default value. This could... Moderate Unreviewed
CVE-2024-44099 was published Oct 25, 2024
Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information... Moderate Unreviewed
CVE-2024-48540 was published Oct 24, 2024
In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error... Moderate Unreviewed
CVE-2024-47025 was published Oct 25, 2024
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3... High Unreviewed
CVE-2024-48544 was published Oct 24, 2024
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding... Critical Unreviewed
CVE-2024-48548 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Yamaha Headphones... High Unreviewed
CVE-2024-48542 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8... High Unreviewed
CVE-2024-48547 was published Oct 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database