Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,273 advisories

Loading
Unraid through 6.8.0 allows Remote Code Execution. High Unreviewed
CVE-2020-5847 was published May 24, 2022
Unraid 6.8.0 allows authentication bypass. High Unreviewed
CVE-2020-5849 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows improperly handles authentication... High Unreviewed
CVE-2019-0543 was published May 13, 2022
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... High Unreviewed
CVE-2024-37368 was published Jun 14, 2024
Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier... High Unreviewed
CVE-2023-25946 was published May 23, 2023
A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0. An... High Unreviewed
CVE-2024-11322 was published Jan 15, 2025
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows... High Unreviewed
CVE-2023-6451 was published Feb 16, 2024
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-30150 was published Jun 16, 2022
In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation. High Unreviewed
CVE-2024-1609 was published Dec 25, 2024
The AirVantage platform is vulnerable to an unauthorized attacker registering previously... High Unreviewed
CVE-2023-31279 was published Dec 21, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. High Unreviewed
CVE-2024-1610 was published Dec 18, 2024
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate... High Unreviewed
CVE-2023-45866 was published Dec 8, 2023
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-10111 was published Dec 12, 2024
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49076 was published Dec 12, 2024
NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker... High Unreviewed
CVE-2024-0130 was published Dec 6, 2024
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User... High Unreviewed
CVE-2024-11293 was published Dec 4, 2024
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower... High Unreviewed
CVE-2020-3410 was published May 24, 2022
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local... High Unreviewed
CVE-2016-6434 was published May 17, 2022
An image with a version lower than the fuse version may potentially be booted lead to improper... High Unreviewed
CVE-2018-11952 was published Nov 26, 2024
Initial xbl_sec revision does not have all the debug policy features and critical checks. High Unreviewed
CVE-2016-10394 was published Nov 26, 2024
Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-6248 was published Nov 22, 2024
**UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerability in the Zyxel P-6101C ADSL... High Unreviewed
CVE-2024-11494 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database