GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,861

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

189 advisories

Filter by severity

Sort by

Least recently updated

InfluxDB through 2.7.10 allows allAccess administrators to retrieve all raw tokens via an "influx... Critical Unreviewed

CVE-2024-30896 was published Nov 27, 2024

Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not... Low Unreviewed

CVE-2020-10368 was published Nov 11, 2024

A vulnerability was found in PAM. The secret information is stored in memory, where the attacker... Moderate Unreviewed

CVE-2024-10041 was published Oct 23, 2024

HCL Sametime is impacted by misconfigured security related HTTP headers. It was identified that... Moderate Unreviewed

CVE-2024-30122 was published Oct 23, 2024

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.5.0 to 6.0.0,... Moderate Unreviewed

CVE-2024-31404 was published Jun 11, 2024

An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV... Moderate Unreviewed

CVE-2024-37654 was published Jun 22, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2024-23205 was published Mar 8, 2024

Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023... High Unreviewed

CVE-2024-48939 was published Nov 11, 2024

In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed

CVE-2024-3502 was published Nov 14, 2024

In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed

CVE-2024-3501 was published Nov 14, 2024

This issue was addressed through improved state management. This issue is fixed in tvOS 17.4, iOS... Moderate Unreviewed

CVE-2024-23241 was published Mar 8, 2024

An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker... Moderate Unreviewed

CVE-2024-42677 was published Aug 15, 2024

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16... Moderate Unreviewed

CVE-2024-27789 was published May 14, 2024

A security bypass vulnerability exists in the Removable Media Encryption (RME)component of... Moderate Unreviewed

CVE-2024-3334 was published Nov 15, 2024

An issue in uverif v.2.0 allows a remote attacker to obtain sensitive information. Moderate Unreviewed

CVE-2024-26559 was published Feb 29, 2024

A vulnerability in the web-based management interface of Cisco Smart Software Manager On... Moderate Unreviewed

CVE-2022-20939 was published Nov 15, 2024

An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows... Moderate Unreviewed

CVE-2024-46635 was published Sep 30, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS... Moderate Unreviewed

CVE-2023-42840 was published Feb 21, 2024

Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local... Moderate Unreviewed

CVE-2024-34677 was published Nov 6, 2024

An authentication bypass vulnerability exists in the affected product. The vulnerability exists... Critical Unreviewed

CVE-2024-10943 was published Nov 12, 2024

Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.0.... Moderate Unreviewed

CVE-2024-31400 was published Jun 11, 2024

An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly... Moderate Unreviewed

CVE-2019-20469 was published Nov 7, 2024

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access... Moderate Unreviewed

CVE-2024-35526 was published Jun 25, 2024

Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly flag for cookies... Moderate Unreviewed

CVE-2024-36788 was published Jun 7, 2024

A vulnerability has been discovered in all versions of Smartplay headunits, which are widely used... High Unreviewed

CVE-2024-39339 was published Sep 18, 2024

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

189 advisories