GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
936 advisories
Filter by severity
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00...
High
Unreviewed
CVE-2024-35124
was published
Aug 13, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document...
Moderate
Unreviewed
CVE-2024-35143
was published
Aug 4, 2024
Navidrome uses MD5 hashing algorithm
Moderate
CVE-2024-41259
was published
for
github.com/navidrome/navidrome
(Go)
Aug 1, 2024
There is a MEDIUM severity vulnerability affecting CPython.
The
“socket” module provides a pure...
Low
Unreviewed
CVE-2024-3219
was published
Jul 30, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u...
Moderate
Unreviewed
CVE-2024-7154
was published
Jul 28, 2024
Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass...
High
Unreviewed
CVE-2024-7007
was published
Jul 25, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and...
Moderate
Unreviewed
CVE-2024-7079
was published
Jul 24, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5...
High
Unreviewed
CVE-2024-39601
was published
Jul 22, 2024
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
Critical
Unreviewed
CVE-2024-38437
was published
Jul 21, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network...
Moderate
Unreviewed
CVE-2024-6895
was published
Jul 19, 2024
Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: GL...
High
Unreviewed
CVE-2024-21146
was published
Jul 17, 2024
The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM...
Moderate
Unreviewed
CVE-2024-36457
was published
Jul 15, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an...
Critical
Unreviewed
CVE-2024-5910
was published
Jul 10, 2024
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read,...
Critical
Unreviewed
CVE-2024-6422
was published
Jul 10, 2024
Insecure permissions in the component /api/admin/user of 14Finger v1.1 allows attackers to access...
High
Unreviewed
CVE-2024-37767
was published
Jul 5, 2024
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs....
Critical
Unreviewed
CVE-2023-41918
was published
Jul 2, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
High
Unreviewed
CVE-2024-31916
was published
Jun 27, 2024
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
High
CVE-2023-22650
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
STRIMZI incorrect access control
High
CVE-2024-36543
was published
for
io.strimzi:strimzi
(Maven)
Jun 17, 2024
Toshiba printers provides API without authentication for internal access. A local attacker can...
High
Unreviewed
CVE-2024-27169
was published
Jun 14, 2024
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure...
Moderate
Unreviewed
CVE-2024-5947
was published
Jun 13, 2024
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This...
Moderate
Unreviewed
CVE-2024-5952
was published
Jun 13, 2024
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability....
High
Unreviewed
CVE-2024-5951
was published
Jun 13, 2024
The affected product is vulnerable to an attacker modifying the bootloader by using custom...
Moderate
Unreviewed
CVE-2024-38279
was published
Jun 13, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /
API Gateway...
Critical
Unreviewed
CVE-2024-2013
was published
Jun 11, 2024
ProTip!
Advisories are also available from the
GraphQL API