GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+
1,439 advisories
Filter by severity
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The...
High
Unreviewed
CVE-2024-37368
was published
Jun 14, 2024
Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier...
High
Unreviewed
CVE-2023-25946
was published
May 23, 2023
PAM module may allow accessing with the credentials of another user
High
CVE-2024-9313
was published
for
github.com/ubuntu/authd
(Go)
Oct 3, 2024
A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0.
An...
High
Unreviewed
CVE-2024-11322
was published
Jan 15, 2025
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows...
High
Unreviewed
CVE-2023-6451
was published
Feb 16, 2024
Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.
High
Unreviewed
CVE-2022-30150
was published
Jun 16, 2022
Socialstream has a Potential Account Takeover Vulnerability in Social Account Linking Due to Missing User Consent After OAuth Callback
High
CVE-2024-56329
was published
for
joelbutcher/socialstream
(Composer)
Dec 20, 2024
In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation.
High
Unreviewed
CVE-2024-1609
was published
Dec 25, 2024
The AirVantage platform is vulnerable to an unauthorized attacker registering previously...
High
Unreviewed
CVE-2023-31279
was published
Dec 21, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
High
Unreviewed
CVE-2024-1610
was published
Dec 18, 2024
Vulnerability of lax app identity verification in the pre-authorization function.Successful...
High
Unreviewed
CVE-2022-48496
was published
Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful...
High
Unreviewed
CVE-2022-48494
was published
Jun 19, 2023
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before...
High
Unreviewed
CVE-2024-2450
was published
Mar 15, 2024
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate...
High
Unreviewed
CVE-2023-45866
was published
Dec 8, 2023
The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-10111
was published
Dec 12, 2024
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-49076
was published
Dec 12, 2024
NVIDIA UFM Enterprise, UFM Appliance, and UFM CyberAI contain a vulnerability where an attacker...
High
Unreviewed
CVE-2024-0130
was published
Dec 6, 2024
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User...
High
Unreviewed
CVE-2024-11293
was published
Dec 4, 2024
Apache Ozone: Improper authentication when generating S3 secrets
High
CVE-2024-45106
was published
for
org.apache.ozone:ozone
(Maven)
Dec 3, 2024
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower...
High
Unreviewed
CVE-2020-3410
was published
May 24, 2022
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local...
High
Unreviewed
CVE-2016-6434
was published
May 17, 2022
OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backend
High
CVE-2014-2237
was published
for
keystone
(pip)
May 17, 2022
OpenStack Identity (Keystone) DoS through V3 API authentication chaining
High
CVE-2014-2828
was published
for
keystone
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API