Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,305 advisories

Loading
WTCMS 1.0 is vulnerable to Incorrect Access Control in \Common\Controller\HomebaseController... Critical Unreviewed
CVE-2024-48237 was published Oct 26, 2024
Autolab Misconfigured Reset Password Permissions High
CVE-2024-49376 was published for Autolab (RubyGems) Oct 25, 2024
HenryHuang2004
OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST... High Unreviewed
CVE-2022-30356 was published Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request... High Unreviewed
CVE-2022-30358 was published Oct 25, 2024
In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error... Moderate Unreviewed
CVE-2024-47025 was published Oct 25, 2024
There is a possible Local bypass of user interaction due to an insecure default value. This could... Moderate Unreviewed
CVE-2024-44099 was published Oct 25, 2024
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control.... Critical Unreviewed
CVE-2024-41617 was published Oct 25, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed
CVE-2024-45261 was published Oct 24, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... High Unreviewed
CVE-2024-45260 was published Oct 24, 2024
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding... Critical Unreviewed
CVE-2024-48548 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows... High Unreviewed
CVE-2024-48546 was published Oct 24, 2024
A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause... Moderate Unreviewed
CVE-2024-10295 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3... High Unreviewed
CVE-2024-48544 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7... High Unreviewed
CVE-2024-48541 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Yamaha Headphones... High Unreviewed
CVE-2024-48542 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8... High Unreviewed
CVE-2024-48547 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows... High Unreviewed
CVE-2024-48545 was published Oct 24, 2024
Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information... Moderate Unreviewed
CVE-2024-48540 was published Oct 24, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed
CVE-2024-20482 was published Oct 23, 2024
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass... Moderate Unreviewed
CVE-2024-49209 was published Oct 22, 2024
The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0... Critical Unreviewed
CVE-2024-38002 was published Oct 22, 2024
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass... Moderate Unreviewed
CVE-2024-49208 was published Oct 22, 2024
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API Low
CVE-2024-48925 was published for Umbraco.CMS (NuGet) Oct 22, 2024
thanhlam-attt
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2024-10173 was published Oct 20, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed
CVE-2024-29821 was published Oct 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database