Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

204 advisories

Loading
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs,... Moderate Unreviewed
CVE-2024-45229 was published Sep 20, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September... Moderate Unreviewed
CVE-2024-8320 was published Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September... Moderate Unreviewed
CVE-2024-8321 was published Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Moderate Unreviewed
CVE-2024-37991 was published Sep 10, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive... Moderate Unreviewed
CVE-2024-35151 was published Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing... Moderate Unreviewed
CVE-2024-43272 was published Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-38143 was published Aug 13, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document... Moderate Unreviewed
CVE-2024-35143 was published Aug 4, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u... Moderate Unreviewed
CVE-2024-7154 was published Jul 28, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and... Moderate Unreviewed
CVE-2024-7079 was published Jul 24, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network... Moderate Unreviewed
CVE-2024-6895 was published Jul 19, 2024
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2024-5952 was published Jun 13, 2024
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2024-5947 was published Jun 13, 2024
IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40... Moderate Unreviewed
CVE-2024-22326 was published Jun 6, 2024
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an... Moderate Unreviewed
CVE-2024-20391 was published May 15, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information... Moderate Unreviewed
CVE-2021-34983 was published May 8, 2024
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2023-37325 was published May 8, 2024
D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2023-44413 was published May 3, 2024
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-41186 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2023-39466 was published May 3, 2024
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27357 was published May 3, 2024
An unauthenticated attacker can reset the board and stop transmitter operations by sending a... Moderate Unreviewed
CVE-2024-21846 was published Apr 19, 2024
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe... Moderate Unreviewed
CVE-2024-30391 was published Apr 12, 2024
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart... Moderate Unreviewed
CVE-2023-25493 was published Apr 5, 2024
** DISPUTED ** A Missing Authentication for Critical Function issue affecting the HTTP service... Moderate Unreviewed
CVE-2023-6949 was published Apr 2, 2024
ProTip! Advisories are also available from the GraphQL API