GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,444

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

225 advisories

Filter by severity

Sort by

Least recently updated

Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter... Moderate Unreviewed

CVE-2024-30522 was published May 17, 2024

An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a... Moderate Unreviewed

CVE-2024-34397 was published May 7, 2024

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed

CVE-2023-50224 was published May 3, 2024

TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed

CVE-2023-44447 was published May 3, 2024

An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed

CVE-2024-1347 was published Apr 25, 2024

cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by... High Unreviewed

CVE-2024-33531 was published Apr 24, 2024

Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed

CVE-2024-3843 was published Apr 17, 2024

An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information... Moderate Unreviewed

CVE-2024-31784 was published Apr 16, 2024

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an... Moderate Unreviewed

CVE-2024-23558 was published Apr 15, 2024

A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... High Unreviewed

CVE-2024-30191 was published Apr 9, 2024

A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),... Moderate Unreviewed

CVE-2024-30189 was published Apr 9, 2024

A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... Moderate Unreviewed

CVE-2024-30190 was published Apr 9, 2024

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Unknown Unreviewed

CVE-2024-29006 was published Apr 4, 2024

An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code... Moderate Unreviewed

CVE-2024-31008 was published Apr 3, 2024

in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification... High Unreviewed

CVE-2024-22092 was published Apr 2, 2024

In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in... Moderate Unreviewed

CVE-2024-28228 was published Mar 7, 2024

Dell Secure Connect Gateway 5.20 contains an improper authentication vulnerability during the SRS... High Unreviewed

CVE-2024-22457 was published Mar 1, 2024

An inconsistent user interface issue was addressed with improved state management. This issue is... High Unreviewed

CVE-2023-42843 was published Feb 21, 2024

When opening a website using the `firefox://` protocol handler, SameSite cookies were not... High Unreviewed

CVE-2024-1555 was published Feb 20, 2024

The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15... Critical Unreviewed

CVE-2024-23674 was published Feb 16, 2024

Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows... Moderate Unreviewed

CVE-2023-7169 was published Feb 8, 2024

An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones... High Unreviewed

CVE-2024-22520 was published Feb 7, 2024

An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via... High Unreviewed

CVE-2024-22519 was published Feb 7, 2024

A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local... Moderate Unreviewed

CVE-2023-6044 was published Jan 19, 2024

Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful... High Unreviewed

CVE-2023-4566 was published Jan 16, 2024

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

225 advisories