Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service... High Unreviewed
CVE-2024-22066 was published Oct 29, 2024
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. High Unreviewed
CVE-2024-46041 was published Oct 7, 2024
The session hijacking attack targets the application layer's control mechanism, which manages... High Unreviewed
CVE-2024-43099 was published Sep 13, 2024
An attacker with local access to machine where MicroSCADA X SYS600 is installed, could enable the... High Unreviewed
CVE-2024-3982 was published Aug 27, 2024
An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and... High Unreviewed
CVE-2024-38890 was published Aug 2, 2024
There exists a vulnerability in Quickshare/Nearby where an attacker can bypass the accept file... High Unreviewed
CVE-2024-38272 was published Jun 26, 2024
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass High
CVE-2024-34065 was published for @strapi/plugin-users-permissions (npm) Jun 12, 2024
Eventyret iarce-qb
derrickmehaffy innerdvations alexandrebodin
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise... High Unreviewed
CVE-2024-29851 was published May 23, 2024
Veeam Backup Enterprise Manager allows account takeover via NTLM relay. High Unreviewed
CVE-2024-29850 was published May 23, 2024
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to... High Unreviewed
CVE-2023-46892 was published Jan 23, 2024
Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3... High Unreviewed
CVE-2022-46480 was published Dec 5, 2023
CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X... High Unreviewed
CVE-2023-39547 was published Nov 17, 2023
Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation High
CVE-2023-41890 was published for Kentor.AuthServices (NuGet) Sep 20, 2023
c53robin
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor with man-in... High Unreviewed
CVE-2023-20900 was published Aug 31, 2023
ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation... High Unreviewed
CVE-2023-34625 was published Jul 20, 2023
Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an... High Unreviewed
CVE-2022-25837 was published Jul 6, 2023
Bluetooth® Low Energy Pairing in Bluetooth Core Specification v4.0 through v5.3 may permit an... High Unreviewed
CVE-2022-25836 was published Jul 6, 2023
Vulnerability of identity verification being bypassed in the storage module. Successful... High Unreviewed
CVE-2022-48507 was published Jul 6, 2023
Weak security in the transmitter of Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 allows... High Unreviewed
CVE-2023-31761 was published May 24, 2023
Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows... High Unreviewed
CVE-2023-31762 was published May 24, 2023
Weak Security in the 433MHz keyfob of Kerui W18 Alarm System v1.0 allows attackers to gain full... High Unreviewed
CVE-2023-31759 was published May 24, 2023
Weak security in the transmitter of AGShome Smart Alarm v1.0 allows attackers to gain full access... High Unreviewed
CVE-2023-31763 was published May 24, 2023
thorsten/phpmyfaq vulnerable to authentication bypass High
CVE-2023-1886 was published for thorsten/phpmyfaq (Composer) Apr 5, 2023
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an... High Unreviewed
CVE-2023-0036 was published Jan 9, 2023
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has... High Unreviewed
CVE-2023-0035 was published Jan 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database