GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
773 advisories
Filter by severity
TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS...
Critical
Unreviewed
CVE-2024-41988
was published
Oct 3, 2024
An unauthenticated remote attacker may use the devices traffic capture without authentication to...
Moderate
Unreviewed
CVE-2024-35294
was published
Oct 2, 2024
An unauthenticated remote attacker may use a missing authentication for critical function...
Critical
Unreviewed
CVE-2024-35293
was published
Oct 2, 2024
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control....
Critical
Unreviewed
CVE-2024-46293
was published
Sep 30, 2024
Certain switch models from PLANET Technology lack proper access control in firmware upload and...
Critical
Unreviewed
CVE-2024-8456
was published
Sep 30, 2024
Advantech ADAM-5630
has built-in commands that can be executed without authenticating the
user....
High
Unreviewed
CVE-2024-39364
was published
Sep 27, 2024
OPW Fuel Management Systems SiteSentinel
could allow an attacker to bypass authentication to the...
Critical
Unreviewed
CVE-2024-8310
was published
Sep 27, 2024
OMNTEC Proteus Tank Monitoring OEL8000III Series
could allow an attacker to perform...
Critical
Unreviewed
CVE-2024-6981
was published
Sep 27, 2024
The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys...
High
Unreviewed
CVE-2024-47130
was published
Sep 26, 2024
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High
Unreviewed
CVE-2024-7781
was published
Sep 26, 2024
Missing authentication for critical function vulnerability in proxy settings functionality in...
Moderate
Unreviewed
CVE-2023-52949
was published
Sep 26, 2024
Missing authentication for critical function vulnerability in logout functionality in Synology...
Moderate
Unreviewed
CVE-2023-52947
was published
Sep 26, 2024
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs,...
Moderate
Unreviewed
CVE-2024-45229
was published
Sep 20, 2024
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP...
High
Unreviewed
CVE-2024-8751
was published
Sep 13, 2024
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass...
Critical
Unreviewed
CVE-2024-8277
was published
Sep 11, 2024
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8320
was published
Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8321
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37991
was published
Sep 10, 2024
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and...
High
Unreviewed
CVE-2024-39300
was published
Aug 30, 2024
The product exposes a service that is intended for local only to
all network interfaces without...
High
Unreviewed
CVE-2024-7940
was published
Aug 27, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without...
Critical
Unreviewed
CVE-2024-36445
was published
Aug 22, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing...
Moderate
Unreviewed
CVE-2024-43272
was published
Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-38143
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API