Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,516 advisories

Loading
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An... Critical Unreviewed
CVE-2024-34399 was published Sep 18, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process High
CVE-2022-25768 was published for mautic/core (Composer) Sep 18, 2024
mollux escopecz
patrykgruszka
Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA... High Unreviewed
CVE-2024-41929 was published Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication... Critical Unreviewed
CVE-2024-8956 was published Sep 17, 2024
An authentication issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed
CVE-2024-44202 was published Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and... Moderate Unreviewed
CVE-2024-44127 was published Sep 17, 2024
OpenDaylight Authentication, Authorization and Accounting (AAA) peer impersonation vulnerability Moderate
CVE-2024-46943 was published for org.opendaylight.aaa:aaa-artifacts (Maven) Sep 16, 2024
Lunary Improper Authentication vulnerability Moderate
CVE-2024-6582 was published for lunary (npm) Sep 13, 2024
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication... High Unreviewed
CVE-2024-45113 was published Sep 13, 2024
CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product.... Critical Unreviewed
CVE-2024-45823 was published Sep 12, 2024
Eclipse Dataspace Components's ConsumerPullTransferTokenValidationApiController doesn't check for token validit Moderate
CVE-2024-8642 was published for org.eclipse.edc:transfer-data-plane (Maven) Sep 11, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38225 was published Sep 10, 2024
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function. Critical Unreviewed
CVE-2023-37226 was published Sep 10, 2024
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam... High Unreviewed
CVE-2024-40713 was published Sep 7, 2024
An improper authentication vulnerability has been reported to affect Music Station. If exploited,... Moderate Unreviewed
CVE-2023-45038 was published Sep 6, 2024
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain... Moderate Unreviewed
CVE-2024-5956 was published Sep 5, 2024
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs... Moderate Unreviewed
CVE-2024-5957 was published Sep 5, 2024
ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The... Moderate Unreviewed
CVE-2024-44821 was published Sep 4, 2024
An authentication bypass vulnerability has been identified in Foreman when deployed with External... Critical Unreviewed
CVE-2024-7012 was published Sep 4, 2024
An authentication bypass vulnerability has been identified in Pulpcore when deployed with... Critical Unreviewed
CVE-2024-7923 was published Sep 4, 2024
The PixelYourSite – Your smart PIXEL (TAG) & API Manager and the PixelYourSite PRO plugins for... Moderate Unreviewed
CVE-2024-7870 was published Sep 4, 2024
Host name validation for TLS certificates is bypassed when the installed OpenEdge default... High Unreviewed
CVE-2024-7346 was published Sep 3, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor... Moderate Unreviewed
CVE-2024-7745 was published Aug 28, 2024
Flowise Authentication Bypass vulnerability High
CVE-2024-8181 was published for flowise (npm) Aug 27, 2024
Netskope was notified about a security gap in Netskope Client enrollment process where NSClient... High Unreviewed
CVE-2024-7401 was published Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API