GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
749 advisories
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs,...
Moderate
Unreviewed
CVE-2024-45229
was published
Sep 20, 2024
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP...
High
Unreviewed
CVE-2024-8751
was published
Sep 13, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8320
was published
Sep 10, 2024
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September...
Moderate
Unreviewed
CVE-2024-8321
was published
Sep 10, 2024
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37991
was published
Sep 10, 2024
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and...
High
Unreviewed
CVE-2024-39300
was published
Aug 30, 2024
The product exposes a service that is intended for local only to all network interfaces without...
High
Unreviewed
CVE-2024-7940
was published
Aug 27, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without...
Critical
Unreviewed
CVE-2024-36445
was published
Aug 22, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing...
Moderate
Unreviewed
CVE-2024-43272
was published
Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-38143
was published
Aug 13, 2024
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00...
High
Unreviewed
CVE-2024-35124
was published
Aug 13, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document...
Moderate
Unreviewed
CVE-2024-35143
was published
Aug 4, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u...
Moderate
Unreviewed
CVE-2024-7154
was published
Jul 28, 2024
Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass...
High
Unreviewed
CVE-2024-7007
was published
Jul 25, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and...
Moderate
Unreviewed
CVE-2024-7079
was published
Jul 24, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5...
High
Unreviewed
CVE-2024-39601
was published
Jul 22, 2024
D-Link - CWE-288: Authentication Bypass Using an Alternate Path or Channel
Critical
Unreviewed
CVE-2024-38437
was published
Jul 21, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network...
Moderate
Unreviewed
CVE-2024-6895
was published
Jul 19, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an...
Critical
Unreviewed
CVE-2024-5910
was published
Jul 10, 2024
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read,...
Critical
Unreviewed
CVE-2024-6422
was published
Jul 10, 2024
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs....
Critical
Unreviewed
CVE-2023-41918
was published
Jul 2, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
High
Unreviewed
CVE-2024-31916
was published
Jun 27, 2024
Toshiba printers provide API without authentication for internal access. A local attacker can...
High
Unreviewed
CVE-2024-27169
was published
Jun 14, 2024