GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,459

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

111 advisories

Filter by severity

Sort by

Least recently updated

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g.,... Low Unreviewed

CVE-2024-56433 was published Dec 26, 2024

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value,... Moderate Unreviewed

CVE-2020-11917 was published Nov 7, 2024

Asio C++ Library before 1.13.0 lacks a fallback error code in the case of SSL_ERROR_SYSCALL with... High Unreviewed

CVE-2019-25219 was published Oct 29, 2024

Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user... Moderate Unreviewed

CVE-2024-9949 was published Oct 23, 2024

HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused... Moderate Unreviewed

CVE-2024-30124 was published Oct 23, 2024

Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote... High Unreviewed

CVE-2024-47295 was published Oct 1, 2024

A condition exists in FlashArray Purity whereby a local account intended for initial array... Critical Unreviewed

CVE-2024-0001 was published Sep 23, 2024

there is a possible arbitrary read due to an insecure default value. This could lead to local... Moderate Unreviewed

CVE-2024-44096 was published Sep 13, 2024

Firefox normally asks for confirmation before asking the operating system to find an application... High Unreviewed

CVE-2024-8383 was published Sep 3, 2024

In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to... High Unreviewed

CVE-2024-34734 was published Aug 16, 2024

A remote unauthenticated attacker can use the firmware update feature on the LAN interface of the... High Unreviewed

CVE-2024-6788 was published Aug 13, 2024

Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote... Moderate Unreviewed

CVE-2024-5801 was published Aug 12, 2024

Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR... Critical Unreviewed

CVE-2024-31070 was published Jul 17, 2024

A vulnerability in the BluStar component of Mitel InAttend 2.6 SP4 through 2.7 and CMG 8.5 SP4... Critical Unreviewed

CVE-2024-28815 was published Mar 27, 2024

Initialization of a resource with an insecure default vulnerability in OET-213H-BTS1 sold in... High Unreviewed

CVE-2024-25972 was published Mar 1, 2024

The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users... Moderate Unreviewed

CVE-2024-0387 was published Feb 26, 2024

In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4... Moderate Unreviewed

CVE-2024-26267 was published Feb 20, 2024

Certain configuration available in the communication channel for encoders could expose sensitive... Moderate Unreviewed

CVE-2024-22388 was published Feb 7, 2024

The affected devices use publicly available default credentials with administrative privileges. Critical Unreviewed

CVE-2023-39169 was published Dec 7, 2023

Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated... Critical Unreviewed

CVE-2023-6448 was published Dec 5, 2023

An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther... High Unreviewed

CVE-2023-27516 was published Oct 12, 2023

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances... Moderate Unreviewed

CVE-2023-5368 was published Oct 4, 2023

The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10... Moderate Unreviewed

CVE-2023-40708 was published Aug 24, 2023

ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by... High Unreviewed

CVE-2023-3453 was published Aug 24, 2023

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb... High Unreviewed

CVE-2023-35689 was published Aug 15, 2023

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

111 advisories