GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an...
Critical
Unreviewed
CVE-2024-55956
was published
Dec 13, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build...
Critical
Unreviewed
CVE-2024-45494
was published
Dec 10, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-54751
was published
Dec 10, 2024
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-54747
was published
Dec 6, 2024
WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ...
Critical
Unreviewed
CVE-2024-54745
was published
Dec 6, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard...
Critical
Unreviewed
CVE-2024-53484
was published
Dec 2, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible...
Critical
Unreviewed
CVE-2024-46054
was published
Nov 27, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required...
Critical
Unreviewed
CVE-2024-11703
was published
Nov 26, 2024
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.
Critical
Unreviewed
CVE-2024-51162
was published
Nov 20, 2024
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin...
Critical
Unreviewed
CVE-2018-9467
was published
Nov 20, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account.
Critical
Unreviewed
CVE-2024-51051
was published
Nov 19, 2024
Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func...
Critical
Unreviewed
CVE-2023-27195
was published
Nov 8, 2024
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface...
Critical
Unreviewed
CVE-2019-20457
was published
Nov 7, 2024
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb...
Critical
Unreviewed
CVE-2024-51378
was published
Oct 30, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows...
Critical
Unreviewed
CVE-2024-51567
was published
Oct 30, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request...
Critical
Unreviewed
CVE-2022-30355
was published
Oct 25, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise...
Critical
Unreviewed
CVE-2024-44760
was published
Aug 28, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which...
Critical
Unreviewed
CVE-2024-7525
was published
Aug 6, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue...
Critical
Unreviewed
CVE-2024-3375
was published
Apr 29, 2024
Vulnerability of improper permission control in the window management module.
Impact: Successful...
Critical
Unreviewed
CVE-2024-30415
was published
Apr 7, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical
Unreviewed
CVE-2023-42945
was published
Feb 21, 2024
Permission management vulnerability in the PMS module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-46773
was published
Dec 6, 2023
Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker...
Critical
Unreviewed
CVE-2023-47462
was published
Nov 29, 2023
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions...
Critical
Unreviewed
CVE-2022-42150
was published
Oct 19, 2023
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the ...
Critical
Unreviewed
CVE-2023-27133
was published
Oct 17, 2023
ProTip!
Advisories are also available from the
GraphQL API