GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,527

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,227 advisories

Filter by severity

Sort by

Least recently updated

WTCMS 1.0 is vulnerable to Incorrect Access Control in \Common\Controller\HomebaseController... Critical Unreviewed

CVE-2024-48237 was published Oct 26, 2024

OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST... High Unreviewed

CVE-2022-30356 was published Oct 25, 2024

OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request... High Unreviewed

CVE-2022-30358 was published Oct 25, 2024

In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error... Moderate Unreviewed

CVE-2024-47025 was published Oct 25, 2024

There is a possible Local bypass of user interaction due to an insecure default value. This could... Moderate Unreviewed

CVE-2024-44099 was published Oct 25, 2024

Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control.... Critical Unreviewed

CVE-2024-41617 was published Oct 25, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed

CVE-2024-45260 was published Oct 24, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed

CVE-2024-45261 was published Oct 24, 2024

The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding... Critical Unreviewed

CVE-2024-48548 was published Oct 24, 2024

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause... Moderate Unreviewed

CVE-2024-10295 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows... High Unreviewed

CVE-2024-48546 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3... High Unreviewed

CVE-2024-48544 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows... High Unreviewed

CVE-2024-48545 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Yamaha Headphones... High Unreviewed

CVE-2024-48542 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7... High Unreviewed

CVE-2024-48541 was published Oct 24, 2024

Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information... Moderate Unreviewed

CVE-2024-48540 was published Oct 24, 2024

Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8... High Unreviewed

CVE-2024-48547 was published Oct 24, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed

CVE-2024-20482 was published Oct 23, 2024

Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass... Moderate Unreviewed

CVE-2024-49209 was published Oct 22, 2024

Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass... Moderate Unreviewed

CVE-2024-49208 was published Oct 22, 2024

The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0... Critical Unreviewed

CVE-2024-38002 was published Oct 22, 2024

Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API Low

CVE-2024-48925 was published for Umbraco.CMS (NuGet) Oct 22, 2024

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-10173 was published Oct 20, 2024

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed

CVE-2024-29213 was published Oct 19, 2024

Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed

CVE-2024-29821 was published Oct 19, 2024

Previous 1 2 3 4 5 … 89 90 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,227 advisories