Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request... Critical Unreviewed
CVE-2024-33897 was published Aug 6, 2024
eClass platform < ip.2.5.10.2.1 allows an attacker to use GETS method to request /admin page to... Critical Unreviewed
CVE-2019-9884 was published May 24, 2022
Missing Access Control in the "Free Time" component of several Zyxel UAG, USG, and ZyWall devices... Critical Unreviewed
CVE-2019-12583 was published May 24, 2022
Lack of authentication in all versions of the fileserver component of Allegro AI’s ClearML... Critical Unreviewed
CVE-2024-24592 was published Feb 6, 2024
Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to... Critical Unreviewed
CVE-2024-0204 was published Jan 22, 2024
Open Redirect in url-parse Critical
CVE-2018-3774 was published for url-parse (npm) Aug 13, 2018
Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. This... Critical Unreviewed
CVE-2023-1699 was published Mar 30, 2023
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to... Critical Unreviewed
CVE-2022-41746 was published Oct 11, 2022
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct... Critical Unreviewed
CVE-2018-6624 was published May 13, 2022
The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows... Critical Unreviewed
CVE-2018-19207 was published May 13, 2022
add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an... Critical Unreviewed
CVE-2018-18922 was published May 13, 2022
Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global... Critical Unreviewed
CVE-2017-17736 was published May 13, 2022
"Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows remote attackers to bypass... Critical Unreviewed
CVE-2017-10833 was published May 13, 2022
D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm... Critical Unreviewed
CVE-2019-7736 was published May 13, 2022
An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2... Critical Unreviewed
CVE-2017-14244 was published May 13, 2022
Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the... Critical Unreviewed
CVE-2019-9552 was published May 13, 2022
An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress... Critical Unreviewed
CVE-2021-24215 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database