GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
143 advisories
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical | Unreviewed | CVE-2024-30300 was published Jun 13, 2024

In lunary-ai/lunary version 1.2.4, an account takeover vulnerability exists due to the exposure...
Critical | Unreviewed | CVE-2024-5133 was published Jun 6, 2024

FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows...
Critical | Unreviewed | CVE-2024-4008 was published Jun 5, 2024

E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remote...
Critical | Unreviewed | CVE-2024-4300 was published Apr 29, 2024

An exposure of sensitive information vulnerability has been reported to affect Media Streaming...
Critical | Unreviewed | CVE-2023-47222 was published Apr 26, 2024

A vulnerability in Brocade SANnav ova versions before Brocade SANnav v2.3.1 and v2.3.0a exposes...
Critical | Unreviewed | CVE-2024-4173 was published Apr 25, 2024

By knowing an organization's ID, an attacker can join the organization without permission and...
Critical | Unreviewed | CVE-2024-1643 was published Apr 10, 2024

As a default user on a multi-user instance of AnythingLLM, you could execute a call to the `...
Critical | Unreviewed | CVE-2024-0765 was published Mar 3, 2024

The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary...
Critical | Unreviewed | CVE-2023-6248 was published Nov 22, 2023

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive...
Critical | Unreviewed | CVE-2023-5576 was published Oct 20, 2023

Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to...
Critical | Unreviewed | CVE-2023-5642 was published Oct 18, 2023

SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,...
Critical | Unreviewed | CVE-2023-40622 was published Sep 13, 2023

Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which...
Critical | Unreviewed | CVE-2023-0925 was published Sep 6, 2023

An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform ...
Critical | Unreviewed | CVE-2023-28765 was published Jul 6, 2023

HGiga PowerStation has a vulnerability of Information Leakage. An unauthenticated remote attacker...
Critical | Unreviewed | CVE-2023-24838 was published Jul 6, 2023

Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability...
Critical | Unreviewed | CVE-2022-48510 was published Jul 6, 2023

Vulnerability of incomplete read and write permission verification in the GPU module. Successful...
Critical | Unreviewed | CVE-2021-46891 was published Jul 5, 2023

Key management vulnerability on system. Successful exploitation of this vulnerability may affect...
Critical | Unreviewed | CVE-2023-3455 was published Jul 5, 2023

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM...
Critical | Unreviewed | CVE-2023-32113 was published May 9, 2023

Campbell Scientific dataloggers CR6, CR300, CR800, CR1000 and CR3000 may allow an attacker to...
Critical | Unreviewed | CVE-2023-0321 was published Jan 26, 2023

When doing HTTP(S) transfers, libcurl might erroneously use the read callback (...
Critical | Unreviewed | CVE-2022-32221 was published Dec 6, 2022

A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not...
Critical | Unreviewed | CVE-2021-3688 was published Aug 27, 2022

The sensitive information of webcam device is not properly protected. Remote attackers can...
Critical | Unreviewed | CVE-2021-30168 was published May 24, 2022

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive...
Critical | Unreviewed | CVE-2015-0152 was published May 24, 2022

admin/user_import.php in Chamilo 1.11.14 reads XML data without disabling the ability to load...
Critical | Unreviewed | CVE-2021-32925 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.