GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,807
Composer 4,036
Erlang 29
GitHub Actions 18
Go 1,848
Maven 5,062
npm 3,582
NuGet 636
pip 3,165
Pub 10
RubyGems 850
Rust 803
Swift 34

Unreviewed advisories

All unreviewed 226,053

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,084 advisories

Filter by severity

Sort by

Least recently updated

The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed

CVE-2024-3701 was published Apr 15, 2024

BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been... Moderate Unreviewed

CVE-2024-37028 was published Aug 14, 2024

Servision - CWE-287: Improper Authentication High Unreviewed

CVE-2024-42336 was published Aug 20, 2024

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with... Moderate Unreviewed

CVE-2024-25157 was published Aug 14, 2024

An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the... Critical Unreviewed

CVE-2024-24496 was published Feb 8, 2024

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12.... High Unreviewed

CVE-2024-37367 was published Jun 14, 2024

Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows... Critical Unreviewed

CVE-2024-42462 was published Aug 16, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space... Low Unreviewed

CVE-2024-41829 was published Jul 22, 2024

CVE-2024-6078 IMPACT An improper authentication vulnerability exists in the affected product,... High Unreviewed

CVE-2024-6078 was published Aug 14, 2024

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1... Critical Unreviewed

CVE-2024-7593 was published Aug 13, 2024

A command injection vulnerability could allow an authenticated user to execute operating system... High Unreviewed

CVE-2022-4002 was published Jul 31, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),... Moderate Unreviewed

CVE-2024-35775 was published Aug 13, 2024

An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a... Moderate Unreviewed

CVE-2024-34788 was published Aug 7, 2024

An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an... Critical Unreviewed

CVE-2024-36130 was published Aug 7, 2024

Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote... High Unreviewed

CVE-2024-36132 was published Aug 7, 2024

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow... Moderate Unreviewed

CVE-2024-42164 was published Aug 12, 2024

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient... Moderate Unreviewed

CVE-2024-37085 was published Jun 25, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28009 was published Mar 28, 2024

ReCrystallize Server 5.10.0.0 uses a authorization mechanism that relies on the value of a cookie... High Unreviewed

CVE-2024-26331 was published Apr 30, 2024

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5... Critical Unreviewed

CVE-2020-22657 was published Jan 20, 2023

An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access... Critical Unreviewed

CVE-2024-7395 was published Aug 5, 2024

Improper Authentication vulnerability in OpenText OpenText Directory Services may allow Multi... High Unreviewed

CVE-2024-7050 was published Jul 26, 2024

In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and... Critical Unreviewed

CVE-2023-31634 was published Mar 27, 2024

IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an... High Unreviewed

CVE-2024-27275 was published Jun 15, 2024

Previous 1 2 3 4 5 … 123 124 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,084 advisories