GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,030 advisories
Filter by severity
A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an...
Moderate
Unreviewed
CVE-2024-11209
was published
Nov 14, 2024
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,...
Moderate
Unreviewed
CVE-2024-10963
was published
Nov 7, 2024
A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-10620
was published
Nov 1, 2024
Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical...
Moderate
Unreviewed
CVE-2024-31800
was published
Aug 15, 2024
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this...
Moderate
Unreviewed
CVE-2024-10173
was published
Oct 20, 2024
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server...
Moderate
Unreviewed
CVE-2023-22644
was published
Sep 20, 2023
Issue summary: The AES-SIV cipher implementation contains a bug that causes
it to ignore empty...
Moderate
Unreviewed
CVE-2023-2975
was published
Jul 14, 2023
Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue...
Moderate
Unreviewed
CVE-2021-39119
was published
May 24, 2022
Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could...
Moderate
Unreviewed
CVE-2024-23806
was published
Feb 7, 2024
Affected versions of Atlassian Jira Server and Data Center allow a user who has had their Jira...
Moderate
Unreviewed
CVE-2021-41309
was published
Dec 9, 2021
In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message...
Moderate
Unreviewed
CVE-2024-47127
was published
Sep 26, 2024
An information disclosure issue in GitLab CE/EE affecting all versions from 16.0 prior to 16.0.6,...
Moderate
Unreviewed
CVE-2023-3362
was published
Jul 13, 2023
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions...
Moderate
Unreviewed
CVE-2024-1347
was published
Apr 25, 2024
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of...
Moderate
Unreviewed
CVE-2023-39215
was published
Sep 12, 2023
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure...
Moderate
Unreviewed
CVE-2024-24698
was published
Feb 14, 2024
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker...
Moderate
Unreviewed
CVE-2023-36926
was published
Aug 8, 2023
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated...
Moderate
Unreviewed
CVE-2023-49646
was published
Dec 14, 2023
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation...
Moderate
Unreviewed
CVE-2023-43582
was published
Nov 15, 2023
An authentication issue was addressed with improved state management. This issue is fixed in iOS...
Moderate
Unreviewed
CVE-2024-44202
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and...
Moderate
Unreviewed
CVE-2024-44127
was published
Sep 17, 2024
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate
Unreviewed
CVE-2023-40660
was published
Nov 6, 2023
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart...
Moderate
Unreviewed
CVE-2023-25493
was published
Apr 5, 2024
Sensitive information disclosure and manipulation due to improper authentication. The following...
Moderate
Unreviewed
CVE-2023-44152
was published
Sep 27, 2023
An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a...
Moderate
Unreviewed
CVE-2024-30939
was published
Apr 25, 2024
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs...
Moderate
Unreviewed
CVE-2024-5957
was published
Sep 5, 2024
ProTip!
Advisories are also available from the
GraphQL API