Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

81 advisories

Loading
CMSimple 5.16 allows the user to edit log.php file via print page. Critical Unreviewed
CVE-2024-57548 was published Jan 28, 2025
This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24135 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24174 was published Jan 28, 2025
Infoblox BloxOne v2.4 was discovered to contain a business logic flaw due to thick client... Critical Unreviewed
CVE-2024-46505 was published Jan 9, 2025
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated... Critical Unreviewed
CVE-2025-20156 was published Jan 22, 2025
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application... Critical Unreviewed
CVE-2024-57032 was published Jan 17, 2025
An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210... Critical Unreviewed
CVE-2024-57684 was published Jan 16, 2025
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. Critical Unreviewed
CVE-2024-51162 was published Nov 20, 2024
Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows... Critical Unreviewed
CVE-2023-43902 was published Nov 14, 2023
An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be... Critical Unreviewed
CVE-2022-41572 was published Jan 7, 2025
A privilege escalation allowing remote code execution was discovered in the orchestration service. Critical Unreviewed
CVE-2023-2530 was published Jun 7, 2023
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed
CVE-2024-55956 was published Dec 13, 2024
WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed
CVE-2024-54745 was published Dec 6, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54751 was published Dec 10, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed
CVE-2024-45494 was published Dec 10, 2024
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54747 was published Dec 6, 2024
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb... Critical Unreviewed
CVE-2024-51378 was published Oct 30, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed
CVE-2024-11703 was published Nov 26, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2023-42945 was published Feb 21, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard... Critical Unreviewed
CVE-2024-53484 was published Dec 2, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible... Critical Unreviewed
CVE-2024-46054 was published Nov 27, 2024
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin... Critical Unreviewed
CVE-2018-9467 was published Nov 20, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account. Critical Unreviewed
CVE-2024-51051 was published Nov 19, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise... Critical Unreviewed
CVE-2024-44760 was published Aug 28, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows... Critical Unreviewed
CVE-2024-51567 was published Oct 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database