GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
62 advisories
Filter by severity
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.
Critical
Unreviewed
CVE-2024-51162
was published
Nov 20, 2024
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin...
Critical
Unreviewed
CVE-2018-9467
was published
Nov 20, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account.
Critical
Unreviewed
CVE-2024-51051
was published
Nov 19, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise...
Critical
Unreviewed
CVE-2024-44760
was published
Aug 28, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows...
Critical
Unreviewed
CVE-2024-51567
was published
Oct 30, 2024
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface...
Critical
Unreviewed
CVE-2019-20457
was published
Nov 7, 2024
Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func...
Critical
Unreviewed
CVE-2023-27195
was published
Nov 8, 2024
Vulnerability of improper permission control in the window management module.
Impact: Successful...
Critical
Unreviewed
CVE-2024-30415
was published
Apr 7, 2024
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb...
Critical
Unreviewed
CVE-2024-51378
was published
Oct 30, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request...
Critical
Unreviewed
CVE-2022-30355
was published
Oct 25, 2024
TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from...
Critical
Unreviewed
CVE-2023-33745
was published
Jul 27, 2023
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious...
Critical
Unreviewed
CVE-2020-14521
was published
Feb 12, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue...
Critical
Unreviewed
CVE-2024-3375
was published
Apr 29, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which...
Critical
Unreviewed
CVE-2024-7525
was published
Aug 6, 2024
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices....
Critical
Unreviewed
CVE-2019-20468
was published
May 24, 2022
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation...
Critical
Unreviewed
CVE-2022-32207
was published
Jul 8, 2022
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions...
Critical
Unreviewed
CVE-2022-42150
was published
Oct 19, 2023
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the ...
Critical
Unreviewed
CVE-2023-27133
was published
Oct 17, 2023
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured...
Critical
Unreviewed
CVE-2022-4039
was published
Sep 22, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control...
Critical
Unreviewed
CVE-2023-31068
was published
Sep 11, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control...
Critical
Unreviewed
CVE-2023-31067
was published
Sep 11, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device...
Critical
Unreviewed
CVE-2023-29131
was published
Jul 11, 2023
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An...
Critical
Unreviewed
CVE-2023-31116
was published
Jun 7, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote...
Critical
Unreviewed
CVE-2023-33282
was published
Jun 7, 2023
SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method...
Critical
Unreviewed
CVE-2023-29732
was published
May 30, 2023
ProTip!
Advisories are also available from the
GraphQL API