GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
813 advisories
Filter by severity
A missing authentication check in the WebSocket channel used for the Check Point IoT integration...
Moderate
Unreviewed
CVE-2023-5253
was published
Jan 15, 2024
Lunary Improper Authentication vulnerability
Moderate
CVE-2024-6582
was published
for
lunary
(npm)
Sep 13, 2024
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46381
was published
Nov 5, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21839
was published
Jan 18, 2023
Mautic has insufficient authentication in upgrade flow
High
CVE-2022-25770
was published
for
mautic/core
(Composer)
Sep 19, 2024
Mautic has insufficient authentication in upgrade flow
High
CVE-2024-47051
was published
for
mautic/core
(Composer)
Sep 18, 2024
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37991
was published
Sep 10, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
High
Unreviewed
CVE-2022-39425
was published
Oct 19, 2022
Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger...
High
Unreviewed
CVE-2023-21856
was published
Jan 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
High
Unreviewed
CVE-2022-39426
was published
Oct 19, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21837
was published
Jan 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21931
was published
Apr 18, 2023
On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations...
High
Unreviewed
CVE-2021-3825
was published
May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21979
was published
Apr 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
High
Unreviewed
CVE-2023-21842
was published
Jan 18, 2023
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart...
Moderate
Unreviewed
CVE-2023-25493
was published
Apr 5, 2024
Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality...
High
Unreviewed
CVE-2023-22087
was published
Oct 18, 2023
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
High
Unreviewed
CVE-2023-22047
was published
Jul 18, 2023
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP...
High
Unreviewed
CVE-2024-8751
was published
Sep 13, 2024
Improper Authentication in Apache Airflow
Moderate
CVE-2021-26697
was published
for
apache-airflow
(pip)
Jun 18, 2021
Missing Authorization in Apache Airflow
Moderate
CVE-2021-35936
was published
for
apache-airflow
(pip)
Aug 30, 2021
Missing Authentication for Critical Function in Apache Airflow
Critical
CVE-2021-38540
was published
for
apache-airflow
(pip)
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an...
Moderate
Unreviewed
CVE-2021-1246
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API