GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,400
Composer 4,386
Erlang 33
GitHub Actions 22
Go 2,141
Maven 5,315
npm 3,803
NuGet 687
pip 3,480
Pub 12
RubyGems 897
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,801

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

150 advisories

Filter by severity

Sort by

Least recently updated

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter... Moderate Unreviewed

CVE-2024-30522 was published May 17, 2024

Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows... Moderate Unreviewed

CVE-2024-25595 was published May 17, 2024

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a... Moderate Unreviewed

CVE-2024-34397 was published May 7, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction... Moderate Unreviewed

CVE-2022-22364 was published May 3, 2024

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed

CVE-2023-50224 was published May 3, 2024

TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed

CVE-2023-44447 was published May 3, 2024

An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed

CVE-2024-1347 was published Apr 25, 2024

Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed

CVE-2024-3843 was published Apr 17, 2024

An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information... Moderate Unreviewed

CVE-2024-31784 was published Apr 16, 2024

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an... Moderate Unreviewed

CVE-2024-23558 was published Apr 15, 2024

A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... Moderate Unreviewed

CVE-2024-30190 was published Apr 9, 2024

A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),... Moderate Unreviewed

CVE-2024-30189 was published Apr 9, 2024

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code... Moderate Unreviewed

CVE-2024-31008 was published Apr 3, 2024

In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in... Moderate Unreviewed

CVE-2024-28228 was published Mar 7, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS... Moderate Unreviewed

CVE-2023-42889 was published Feb 21, 2024

Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows... Moderate Unreviewed

CVE-2023-7169 was published Feb 8, 2024

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local... Moderate Unreviewed

CVE-2023-6044 was published Jan 19, 2024

An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a... Moderate Unreviewed

CVE-2023-4001 was published Jan 15, 2024

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and... Moderate Unreviewed

CVE-2024-0454 was published Jan 12, 2024

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ... Moderate Unreviewed

CVE-2023-20245 was published Nov 1, 2023

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ... Moderate Unreviewed

CVE-2023-20256 was published Nov 1, 2023

Multiple Cisco products are affected by a vulnerability in Snort access control policies that... Moderate Unreviewed

CVE-2023-20246 was published Nov 1, 2023

An authentication bypass by spoofing of a device with a synthetic IP address is possible in... Moderate Unreviewed

CVE-2023-28803 was published Oct 23, 2023

This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially... Moderate Unreviewed

CVE-2023-4281 was published Sep 25, 2023

The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to... Moderate Unreviewed

CVE-2023-4631 was published Sep 25, 2023

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

150 advisories