GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,394 advisories
Filter by severity
An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN...
High
Unreviewed
CVE-2024-45750
was published
Sep 25, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process
High
CVE-2022-25768
was published
for
mautic/core
(Composer)
Sep 18, 2024
Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA...
High
Unreviewed
CVE-2024-41929
was published
Sep 18, 2024
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication...
High
Unreviewed
CVE-2024-45113
was published
Sep 13, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38225
was published
Sep 10, 2024
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam...
High
Unreviewed
CVE-2024-40713
was published
Sep 7, 2024
Host name validation for TLS certificates is bypassed when the installed OpenEdge default...
High
Unreviewed
CVE-2024-7346
was published
Sep 3, 2024
Flowise Authentication Bypass vulnerability
High
CVE-2024-8181
was published
for
flowise
(npm)
Aug 27, 2024
Netskope was notified about a security gap in Netskope Client enrollment process where NSClient...
High
Unreviewed
CVE-2024-7401
was published
Aug 26, 2024
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker...
High
Unreviewed
CVE-2024-36444
was published
Aug 22, 2024
Servision - CWE-287: Improper Authentication
High
Unreviewed
CVE-2024-42336
was published
Aug 20, 2024
CVE-2024-6078 IMPACT
An improper authentication vulnerability exists in the affected product,...
High
Unreviewed
CVE-2024-6078
was published
Aug 14, 2024
Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote...
High
Unreviewed
CVE-2024-36132
was published
Aug 7, 2024
RobotsAndPencils go-saml authentication bypass vulnerability
High
CVE-2023-48703
was published
for
github.com/RobotsAndPencils/go-saml
(Go)
Aug 5, 2024
A command injection vulnerability could allow an authenticated user to execute operating system...
High
Unreviewed
CVE-2022-4002
was published
Jul 31, 2024
A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow...
High
Unreviewed
CVE-2019-6198
was published
Jul 31, 2024
An authentication bypass vulnerability could allow an attacker to access API functions without...
High
Unreviewed
CVE-2022-4001
was published
Jul 31, 2024
A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow...
High
Unreviewed
CVE-2019-6197
was published
Jul 31, 2024
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to...
High
Unreviewed
CVE-2024-6576
was published
Jul 29, 2024
Improper Authentication vulnerability in OpenText OpenText Directory Services may allow Multi...
High
Unreviewed
CVE-2024-7050
was published
Jul 26, 2024
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information...
High
Unreviewed
CVE-2024-28992
was published
Jul 17, 2024
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass...
High
Unreviewed
CVE-2024-23465
was published
Jul 17, 2024
Securepoint UTM before 12.6.5 mishandles OTP codes.
High
Unreviewed
CVE-2024-39340
was published
Jul 12, 2024
Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when...
High
Unreviewed
CVE-2024-39830
was published
Jul 3, 2024
In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using...
High
Unreviewed
CVE-2024-3826
was published
Jul 2, 2024
ProTip!
Advisories are also available from the
GraphQL API