GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,655
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
280 advisories
Filter by severity
The goTenna Pro series allows unauthenticated attackers to remotely update the local public keys...
High
Unreviewed
CVE-2024-47130
was published
Sep 26, 2024
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:...
High
Unreviewed
CVE-2017-10271
was published
May 13, 2022
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High
Unreviewed
CVE-2024-7781
was published
Sep 26, 2024
SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7...
High
Unreviewed
CVE-2023-35874
was published
Jul 11, 2023
Advantech ADAM-5630
has built-in commands that can be executed without authenticating the
user....
High
Unreviewed
CVE-2024-39364
was published
Sep 27, 2024
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in...
High
Unreviewed
CVE-2023-27377
was published
Oct 25, 2023
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin...
High
Unreviewed
CVE-2022-39412
was published
Oct 19, 2022
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3...
High
Unreviewed
CVE-2023-46381
was published
Nov 5, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21839
was published
Jan 18, 2023
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
High
Unreviewed
CVE-2022-39425
was published
Oct 19, 2022
Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger...
High
Unreviewed
CVE-2023-21856
was published
Jan 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21837
was published
Jan 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
High
Unreviewed
CVE-2022-39426
was published
Oct 19, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21931
was published
Apr 18, 2023
On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations...
High
Unreviewed
CVE-2021-3825
was published
May 24, 2022
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21979
was published
Apr 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web...
High
Unreviewed
CVE-2023-21842
was published
Jan 18, 2023
Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality...
High
Unreviewed
CVE-2023-22087
was published
Oct 18, 2023
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
High
Unreviewed
CVE-2023-22047
was published
Jul 18, 2023
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP...
High
Unreviewed
CVE-2024-8751
was published
Sep 13, 2024
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU...
High
Unreviewed
CVE-2019-14927
was published
May 24, 2022
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect ...
High
Unreviewed
CVE-2023-5881
was published
Jan 3, 2024
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and...
High
Unreviewed
CVE-2024-39300
was published
Aug 30, 2024
The product exposes a service that is intended for local only to
all network interfaces without...
High
Unreviewed
CVE-2024-7940
was published
Aug 27, 2024
ProTip!
Advisories are also available from the
GraphQL API