GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
828 advisories
Filter by severity
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions ...
High
Unreviewed
CVE-2024-50310
was published
Nov 12, 2024
Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin...
High
Unreviewed
CVE-2024-30616
was published
Nov 4, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High
Unreviewed
CVE-2024-45164
was published
Nov 4, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51426
was published
Oct 30, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51425
was published
Oct 30, 2024
Kyverno's PolicyException objects can be created in any namespace by default
High
CVE-2024-48921
was published
for
github.com/kyverno/kyverno
(Go)
Oct 29, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1...
High
Unreviewed
CVE-2024-44270
was published
Oct 28, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
High
Unreviewed
CVE-2024-44289
was published
Oct 28, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44196
was published
Oct 28, 2024
OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST...
High
Unreviewed
CVE-2022-30356
was published
Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request...
High
Unreviewed
CVE-2022-30358
was published
Oct 25, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45260
was published
Oct 24, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45261
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows...
High
Unreviewed
CVE-2024-48546
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8...
High
Unreviewed
CVE-2024-48547
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows...
High
Unreviewed
CVE-2024-48545
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Yamaha Headphones...
High
Unreviewed
CVE-2024-48542
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3...
High
Unreviewed
CVE-2024-48544
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7...
High
Unreviewed
CVE-2024-48541
was published
Oct 24, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29213
was published
Oct 19, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29821
was published
Oct 19, 2024
Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface...
High
Unreviewed
CVE-2024-21275
was published
Oct 15, 2024
Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component:...
High
Unreviewed
CVE-2024-21276
was published
Oct 15, 2024
Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft ...
High
Unreviewed
CVE-2024-21283
was published
Oct 15, 2024
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component:...
High
Unreviewed
CVE-2024-21268
was published
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API