Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

239 advisories

Loading
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September... Moderate Unreviewed
CVE-2024-8320 was published Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Moderate Unreviewed
CVE-2024-37991 was published Sep 10, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive... Moderate Unreviewed
CVE-2024-35151 was published Aug 22, 2024
Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing... Moderate Unreviewed
CVE-2024-43272 was published Aug 19, 2024
Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-38143 was published Aug 13, 2024
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document... Moderate Unreviewed
CVE-2024-35143 was published Aug 4, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u... Moderate Unreviewed
CVE-2024-7154 was published Jul 28, 2024
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and... Moderate Unreviewed
CVE-2024-7079 was published Jul 24, 2024
Insufficient authentication in user account management in Yugabyte Platform allows local network... Moderate Unreviewed
CVE-2024-6895 was published Jul 19, 2024
The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM... Moderate Unreviewed
CVE-2024-36457 was published Jul 15, 2024
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2024-5952 was published Jun 13, 2024
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2024-5947 was published Jun 13, 2024
The affected product is vulnerable to an attacker modifying the bootloader by using custom... Moderate Unreviewed
CVE-2024-38279 was published Jun 13, 2024
IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40... Moderate Unreviewed
CVE-2024-22326 was published Jun 6, 2024
A user with device administrative privileges can change existing SMTP server settings on the... Moderate Unreviewed
CVE-2024-5143 was published May 23, 2024
A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an... Moderate Unreviewed
CVE-2024-20391 was published May 15, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information... Moderate Unreviewed
CVE-2021-34983 was published May 8, 2024
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2023-37325 was published May 8, 2024
D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2023-44413 was published May 3, 2024
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-41186 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2023-39466 was published May 3, 2024
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27357 was published May 3, 2024
An unauthenticated attacker can reset the board and stop transmitter operations by sending a... Moderate Unreviewed
CVE-2024-21846 was published Apr 19, 2024
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values... Moderate Unreviewed
CVE-2024-3774 was published Apr 15, 2024
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe... Moderate Unreviewed
CVE-2024-30391 was published Apr 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database