Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,427
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

895 advisories

Loading
The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some... Moderate Unreviewed
CVE-2024-13186 was published Jan 8, 2025
The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some... Moderate Unreviewed
CVE-2024-13185 was published Jan 8, 2025
The health module has insufficient restrictions on loading URLs, which may lead to some... Moderate Unreviewed
CVE-2024-13173 was published Jan 8, 2025
An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed
CVE-2023-33553 was published Jun 7, 2023
Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this... Critical Unreviewed
CVE-2023-30762 was published Jun 13, 2023
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
Sensitive information disclosure due to missing authentication. The following products are... Moderate Unreviewed
CVE-2024-55538 was published Jan 2, 2025
An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a... Critical Unreviewed
CVE-2024-54983 was published Dec 20, 2024
An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass... Critical Unreviewed
CVE-2024-54982 was published Dec 20, 2024
An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted... Critical Unreviewed
CVE-2024-54984 was published Dec 20, 2024
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP... Critical Unreviewed
CVE-2024-12106 was published Dec 31, 2024
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A... Critical Unreviewed
CVE-2024-21855 was published Dec 20, 2024
A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This... Critical Unreviewed
CVE-2024-12371 was published Dec 18, 2024
NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive,... Critical Unreviewed
CVE-2022-23227 was published Jan 15, 2022
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP... Critical Unreviewed
CVE-2019-17082 was published Nov 26, 2024
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Locally installed application can bypass the permission check and perform system operations that... High Unreviewed
CVE-2021-26280 was published Dec 17, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops... Critical Unreviewed
CVE-2024-10205 was published Dec 17, 2024
The wifi module exposes the interface and has improper permission control, leaking sensitive... Moderate Unreviewed
CVE-2021-26278 was published Dec 17, 2024
When using special mode to connect to enterprise wifi, certain options are not properly... Moderate Unreviewed
CVE-2020-12484 was published Dec 17, 2024
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed
CVE-2023-42793 was published Sep 19, 2023
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Admin authentication can be bypassed with some specific invalid credentials, which allows logging... Moderate Unreviewed
CVE-2024-33616 was published Nov 26, 2024
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful... High Unreviewed
CVE-2022-48621 was published Feb 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database