GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
834 advisories
Filter by severity
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:...
High
Unreviewed
CVE-2024-21287
was published
Nov 19, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7...
High
Unreviewed
CVE-2024-9693
was published
Nov 14, 2024
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions ...
High
Unreviewed
CVE-2024-50310
was published
Nov 12, 2024
Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin...
High
Unreviewed
CVE-2024-30616
was published
Nov 4, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High
Unreviewed
CVE-2024-45164
was published
Nov 4, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51426
was published
Oct 30, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51425
was published
Oct 30, 2024
Kyverno's PolicyException objects can be created in any namespace by default
High
CVE-2024-48921
was published
for
github.com/kyverno/kyverno
(Go)
Oct 29, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1...
High
Unreviewed
CVE-2024-44270
was published
Oct 28, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
High
Unreviewed
CVE-2024-44289
was published
Oct 28, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44196
was published
Oct 28, 2024
Autolab Misconfigured Reset Password Permissions
High
CVE-2024-49376
was published
for
Autolab
(RubyGems)
Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request...
High
Unreviewed
CVE-2022-30358
was published
Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST...
High
Unreviewed
CVE-2022-30356
was published
Oct 25, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45260
was published
Oct 24, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45261
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows...
High
Unreviewed
CVE-2024-48546
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3...
High
Unreviewed
CVE-2024-48544
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7...
High
Unreviewed
CVE-2024-48541
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8...
High
Unreviewed
CVE-2024-48547
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Yamaha Headphones...
High
Unreviewed
CVE-2024-48542
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows...
High
Unreviewed
CVE-2024-48545
was published
Oct 24, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29213
was published
Oct 19, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29821
was published
Oct 19, 2024
Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field...
High
Unreviewed
CVE-2024-21271
was published
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API