GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
77 advisories
Filter by severity
Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to...
High
Unreviewed
CVE-2022-30319
was published
Jul 29, 2022
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820...
High
Unreviewed
CVE-2009-1048
was published
May 2, 2022
An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones...
High
Unreviewed
CVE-2024-22520
was published
Feb 7, 2024
Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS...
High
Unreviewed
CVE-2024-22457
was published
Mar 1, 2024
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification...
High
Unreviewed
CVE-2024-22092
was published
Apr 2, 2024
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept...
High
Unreviewed
CVE-2022-47522
was published
Apr 15, 2023
A lack of in app notification for entering fullscreen mode could have lead to a malicious website...
High
Unreviewed
CVE-2023-25743
was published
Jun 2, 2023
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate...
High
Unreviewed
CVE-2022-32747
was published
Jul 6, 2023
AMI SPx contains a vulnerability in BMC where a User may cause an authentication bypass by...
High
Unreviewed
CVE-2023-34329
was published
Jul 18, 2023
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from...
High
Unreviewed
CVE-2023-4279
was published
Sep 4, 2023
This user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from...
High
Unreviewed
CVE-2023-5133
was published
Oct 16, 2023
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748...
High
Unreviewed
CVE-2024-30191
was published
Apr 9, 2024
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were...
High
Unreviewed
CVE-2022-36331
was published
Jun 12, 2023
Apache HugeGraph-Server: Bypass whitelist in Auth mode
High
CVE-2024-27349
was published
for
org.apache.hugegraph:hugegraph-api
(Maven)
Apr 22, 2024
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled
High
CVE-2024-32977
was published
for
OctoPrint
(pip)
May 14, 2024
Windows AppX Installer Spoofing Vulnerability
High
Unreviewed
CVE-2021-43890
was published
Dec 16, 2021
Ollama DNS rebinding vulnerability
High
CVE-2024-28224
was published
for
github.com/ollama/ollama
(Go)
Apr 8, 2024
cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by...
High
Unreviewed
CVE-2024-33531
was published
Apr 24, 2024
Jenkins Script Security Plugin sandbox bypass vulnerability
High
CVE-2024-34145
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 2, 2024
Microsoft Outlook for Mac Spoofing Vulnerability.
High
Unreviewed
CVE-2022-44713
was published
Dec 13, 2022
The CloudStack SAML authentication (disabled by default) does not enforce signature check. In...
High
Unreviewed
CVE-2024-41107
was published
Jul 19, 2024
PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA...
High
Unreviewed
CVE-2023-40356
was published
Jul 9, 2024
PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured...
High
Unreviewed
CVE-2023-40702
was published
Jul 9, 2024
Apache SeaTunnel Web Authentication vulnerability
High
CVE-2023-48396
was published
for
org.apache.seatunnel:seatunnel-web
(Maven)
Jul 30, 2024
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can...
High
Unreviewed
CVE-2024-5037
was published
Jun 5, 2024
ProTip!
Advisories are also available from the
GraphQL API