GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
899 advisories
An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000...
Moderate, Unreviewed. CVE-2024-39773 was published Jan 14, 2025.
A firmware update vulnerability exists in the fw_check.sh functionality of Wavlink AC3000 M33A8...
Critical, Unreviewed. CVE-2024-39273 was published Jan 14, 2025.
A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8...
Critical, Unreviewed. CVE-2024-39608 was published Jan 14, 2025.
A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0...
High, Unreviewed. CVE-2024-35277 was published Jan 14, 2025.
The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some...
Moderate, Unreviewed. CVE-2024-13185 was published Jan 8, 2025.
The health module has insufficient restrictions on loading URLs, which may lead to some...
Moderate, Unreviewed. CVE-2024-13173 was published Jan 8, 2025.
The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some...
Moderate, Unreviewed. CVE-2024-13186 was published Jan 8, 2025.
Sensitive information disclosure due to missing authentication. The following products are...
Moderate, Unreviewed. CVE-2024-55538 was published Jan 2, 2025.
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP...
Critical, Unreviewed. CVE-2024-12106 was published Dec 31, 2024.
A lack of authentication vulnerability exists in the HTTP API functionality of GoCast 1.1.3. A...
Critical, Unreviewed. CVE-2024-21855 was published Dec 20, 2024.
An issue in Quectel BG96 BG96MAR02A08M1G allows attackers to bypass authentication via a crafted...
Critical, Unreviewed. CVE-2024-54984 was published Dec 20, 2024.
An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass...
Critical, Unreviewed. CVE-2024-54982 was published Dec 20, 2024.
An issue in Quectel BC95-CNV V100R001C00SPC051 allows attackers to bypass authentication via a...
Critical, Unreviewed. CVE-2024-54983 was published Dec 20, 2024.
A device takeover vulnerability exists in the Rockwell Automation Power Monitor 1000. This...
Critical, Unreviewed. CVE-2024-12371 was published Dec 18, 2024.
Locally installed application can bypass the permission check and perform system operations that...
High, Unreviewed. CVE-2021-26280 was published Dec 17, 2024.
Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops...
Critical, Unreviewed. CVE-2024-10205 was published Dec 17, 2024.
The wifi module exposes the interface and has improper permission control, leaking sensitive...
Moderate, Unreviewed. CVE-2021-26278 was published Dec 17, 2024.
When using special mode to connect to enterprise wifi, certain options are not properly...
Moderate, Unreviewed. CVE-2020-12484 was published Dec 17, 2024.
Lua apps can be deployed, removed, started, reloaded or stopped without authorization via...
High, Unreviewed. CVE-2024-10776 was published Dec 6, 2024.
Unauthenticated CROWN APIs allow access to critical functions. This leads to the accessibility of...
High, Unreviewed. CVE-2024-10774 was published Dec 6, 2024.
A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a...
High, Unreviewed. CVE-2024-42456 was published Dec 4, 2024.
A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting...
High, Unreviewed. CVE-2024-42455 was published Dec 4, 2024.
A vulnerability exists in Snap One OVRC cloud where an attacker can impersonate a Hub device and...
High, Unreviewed. CVE-2024-50381 was published Dec 2, 2024.
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to...
High, Unreviewed. CVE-2024-53623 was published Nov 30, 2024.
Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication...
Critical, Unreviewed. CVE-2024-11980 was published Nov 29, 2024.
ProTip! Advisories are also available from the GraphQL API.