GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,419
Composer 4,152
Erlang 30
GitHub Actions 19
Go 1,956
Maven 5,147
npm 3,692
NuGet 652
pip 3,308
Pub 11
RubyGems 881
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 232,027

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,790 advisories

Filter by severity

Sort by

Least recently updated

The Chef Habitat builder-api on-prem-builder package with any version lower than habitat/builder... Moderate Unreviewed

CVE-2024-9825 was published Oct 28, 2024

In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error... Moderate Unreviewed

CVE-2024-47025 was published Oct 25, 2024

There is a possible Local bypass of user interaction due to an insecure default value. This could... Moderate Unreviewed

CVE-2024-44099 was published Oct 25, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed

CVE-2024-45261 was published Oct 24, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed

CVE-2024-45260 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows... High Unreviewed

CVE-2024-48546 was published Oct 24, 2024

The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding... Critical Unreviewed

CVE-2024-48548 was published Oct 24, 2024

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause... Moderate Unreviewed

CVE-2024-10295 was published Oct 24, 2024

Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information... Moderate Unreviewed

CVE-2024-48540 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3... High Unreviewed

CVE-2024-48544 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Yamaha Headphones... High Unreviewed

CVE-2024-48542 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7... High Unreviewed

CVE-2024-48541 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows... High Unreviewed

CVE-2024-48545 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8... High Unreviewed

CVE-2024-48547 was published Oct 24, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed

CVE-2024-20482 was published Oct 23, 2024

Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass... Moderate Unreviewed

CVE-2024-49209 was published Oct 22, 2024

The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0... Critical Unreviewed

CVE-2024-38002 was published Oct 22, 2024

Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass... Moderate Unreviewed

CVE-2024-49208 was published Oct 22, 2024

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-10173 was published Oct 20, 2024

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed

CVE-2024-29821 was published Oct 19, 2024

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed

CVE-2024-29213 was published Oct 19, 2024

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component:... High Unreviewed

CVE-2024-21268 was published Oct 15, 2024

Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E... High Unreviewed

CVE-2024-21278 was published Oct 15, 2024

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). ... High Unreviewed

CVE-2024-21279 was published Oct 15, 2024

Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price... High Unreviewed

CVE-2024-21266 was published Oct 15, 2024

Previous 1 2 3 4 5 … 71 72 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,790 advisories