GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,016
Erlang
29
GitHub Actions
16
Go
1,827
Maven
5,000+
npm
3,571
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
Filter by severity
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices....
Critical
Unreviewed
CVE-2019-20468
was published
May 24, 2022
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation...
Critical
Unreviewed
CVE-2022-32207
was published
Jul 8, 2022
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions...
Critical
Unreviewed
CVE-2022-42150
was published
Oct 19, 2023
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the ...
Critical
Unreviewed
CVE-2023-27133
was published
Oct 17, 2023
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured...
Critical
Unreviewed
CVE-2022-4039
was published
Sep 22, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control...
Critical
Unreviewed
CVE-2023-31067
was published
Sep 11, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control...
Critical
Unreviewed
CVE-2023-31068
was published
Sep 11, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device...
Critical
Unreviewed
CVE-2023-29131
was published
Jul 11, 2023
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An...
Critical
Unreviewed
CVE-2023-31116
was published
Jun 7, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote...
Critical
Unreviewed
CVE-2023-33282
was published
Jun 7, 2023
SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method...
Critical
Unreviewed
CVE-2023-29732
was published
May 30, 2023
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be...
Critical
Unreviewed
CVE-2023-29919
was published
May 23, 2023
An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which...
Critical
Unreviewed
CVE-2023-23059
was published
May 4, 2023
Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a...
Critical
Unreviewed
CVE-2023-26918
was published
Apr 14, 2023
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
Critical
Unreviewed
CVE-2019-17124
was published
May 24, 2022
influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing...
Critical
Unreviewed
CVE-2022-36640
was published
Sep 3, 2022
Permission management vulnerability in the PMS module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-46773
was published
Dec 6, 2023
Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker...
Critical
Unreviewed
CVE-2023-47462
was published
Nov 29, 2023
An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus...
Critical
Unreviewed
CVE-2021-37167
was published
May 24, 2022
An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration...
Critical
Unreviewed
CVE-2021-34182
was published
Feb 17, 2023
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious...
Critical
Unreviewed
CVE-2020-14521
was published
Feb 12, 2022
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms...
Critical
Unreviewed
CVE-2021-39658
was published
Feb 12, 2022
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify...
Critical
Unreviewed
CVE-2021-39635
was published
Feb 12, 2022
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu...
Critical
Unreviewed
CVE-2021-20001
was published
Feb 12, 2022
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.
Critical
Unreviewed
CVE-2021-46093
was published
Feb 2, 2022
ProTip!
Advisories are also available from the
GraphQL API