GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,215
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

243 advisories

Filter by severity

Sort by

Least recently updated

The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS... Critical Unreviewed

CVE-2024-54512 was published Jan 28, 2025

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile... Critical Unreviewed

CVE-2025-21556 was published Jan 21, 2025

An issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attackers to bypass... Critical Unreviewed

CVE-2024-53553 was published Jan 17, 2025

macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys... Critical Unreviewed

CVE-2024-57432 was published Jan 31, 2025

SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on... Critical Unreviewed

CVE-2024-47857 was published Jan 31, 2025

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products... Critical Unreviewed

CVE-2023-27388 was published May 23, 2023

The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a... Critical Unreviewed

CVE-2023-23304 was published May 23, 2023

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed

CVE-2022-26143 was published Mar 11, 2022

Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360... Critical Unreviewed

CVE-2022-29081 was published Apr 29, 2022

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13281 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows... Critical Unreviewed

CVE-2024-13258 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows... Critical Unreviewed

CVE-2024-13253 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue... Critical Unreviewed

CVE-2024-13277 was published Jan 9, 2025

Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue... Critical Unreviewed

CVE-2024-13278 was published Jan 9, 2025

lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed

CVE-2024-1741 was published Apr 10, 2024

An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows attackers on the same network... Critical Unreviewed

CVE-2023-27716 was published Jun 12, 2023

Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method. Critical Unreviewed

CVE-2023-32220 was published Jun 12, 2023

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed

CVE-2024-45519 was published Oct 3, 2024

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android... Critical Unreviewed

CVE-2023-4617 was published Dec 19, 2024

Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf... Critical Unreviewed

CVE-2024-54662 was published Dec 17, 2024

A permissions issue was addressed by removing vulnerable code and adding additional checks. This... Critical Unreviewed

CVE-2024-44217 was published Oct 29, 2024

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed

CVE-2024-11680 was published Nov 26, 2024

An authentication issue was addressed with improved state management. This issue is fixed in... Critical Unreviewed

CVE-2024-23255 was published Mar 8, 2024

Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value... Critical Unreviewed

CVE-2024-52732 was published Dec 2, 2024

A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS... Critical Unreviewed

CVE-2024-31695 was published Nov 15, 2024

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

243 advisories