GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
37 advisories
Filter by severity
Azure CycleCloud Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-43602
was published
Nov 12, 2024
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an...
Critical
Unreviewed
CVE-2024-36130
was published
Aug 7, 2024
An improper authorization vulnerability exists in the mintplex-labs/anything-llm application,...
Critical
Unreviewed
CVE-2024-3033
was published
Jun 6, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter...
Critical
Unreviewed
CVE-2024-34257
was published
May 8, 2024
DedeCMS V5.7.114 is vulnerable to deletion of any file via mail_file_manage.php.
Critical
Unreviewed
CVE-2024-33749
was published
May 6, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members...
Critical
Unreviewed
CVE-2024-1741
was published
Apr 10, 2024
EisBaer Scada - CWE-285: Improper Authorization
Critical
Unreviewed
CVE-2023-42491
was published
Oct 25, 2023
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS...
Critical
Unreviewed
CVE-2023-20186
was published
Sep 27, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39402
was published
Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39401
was published
Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39398
was published
Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39400
was published
Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39399
was published
Aug 13, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39403
was published
Aug 13, 2023
This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS...
Critical
Unreviewed
CVE-2023-30467
was published
Apr 28, 2023
Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication...
Critical
Unreviewed
CVE-2022-3748
was published
Apr 14, 2023
The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server are vulnerable to an improper...
Critical
Unreviewed
CVE-2023-1256
was published
Mar 16, 2023
A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact...
Critical
Unreviewed
CVE-2022-27583
was published
Nov 1, 2022
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and...
Critical
Unreviewed
CVE-2022-39862
was published
Oct 7, 2022
Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1.
Critical
Unreviewed
CVE-2022-2595
was published
Aug 2, 2022
4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated...
Critical
Unreviewed
CVE-2021-42338
was published
May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the...
Critical
Unreviewed
CVE-2021-41974
was published
May 24, 2022
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Critical
Unreviewed
CVE-2021-36029
was published
May 24, 2022
Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to...
Critical
Unreviewed
CVE-2021-32523
was published
May 24, 2022
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 ...
Critical
Unreviewed
CVE-2021-28799
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API