Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

73 advisories

Loading
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed
CVE-2024-55956 was published Dec 13, 2024
WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed
CVE-2024-54745 was published Dec 6, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54751 was published Dec 10, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed
CVE-2024-45494 was published Dec 10, 2024
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54747 was published Dec 6, 2024
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb... Critical Unreviewed
CVE-2024-51378 was published Oct 30, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed
CVE-2024-11703 was published Nov 26, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2023-42945 was published Feb 21, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard... Critical Unreviewed
CVE-2024-53484 was published Dec 2, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible... Critical Unreviewed
CVE-2024-46054 was published Nov 27, 2024
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. Critical Unreviewed
CVE-2024-51162 was published Nov 20, 2024
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin... Critical Unreviewed
CVE-2018-9467 was published Nov 20, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account. Critical Unreviewed
CVE-2024-51051 was published Nov 19, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise... Critical Unreviewed
CVE-2024-44760 was published Aug 28, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows... Critical Unreviewed
CVE-2024-51567 was published Oct 30, 2024
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface... Critical Unreviewed
CVE-2019-20457 was published Nov 7, 2024
Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func... Critical Unreviewed
CVE-2023-27195 was published Nov 8, 2024
Vulnerability of improper permission control in the window management module. Impact: Successful... Critical Unreviewed
CVE-2024-30415 was published Apr 7, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request... Critical Unreviewed
CVE-2022-30355 was published Oct 25, 2024
TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from... Critical Unreviewed
CVE-2023-33745 was published Jul 27, 2023
netaddr before 1.5.3 and 2.0.4 has Incorrect Default Permissions Critical
CVE-2019-17383 was published for netaddr (RubyGems) Oct 14, 2019
stuarthannig
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious... Critical Unreviewed
CVE-2020-14521 was published Feb 12, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed
CVE-2024-7525 was published Aug 6, 2024
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices.... Critical Unreviewed
CVE-2019-20468 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database