Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

22 advisories

Loading
The web server of affected devices do not properly authenticate user request to the '/ClientArea... Moderate Unreviewed
CVE-2024-46887 was published Oct 8, 2024
The affected product is vulnerable to an attacker modifying the bootloader by using custom... Moderate Unreviewed
CVE-2024-38279 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... Moderate Unreviewed
CVE-2024-1525 was published Feb 22, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive... Moderate Unreviewed
CVE-2024-35151 was published Aug 22, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics... Moderate Unreviewed
CVE-2024-5620 was published Jul 18, 2024
A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi... Moderate Unreviewed
CVE-2023-4957 was published Oct 11, 2023
PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring... Moderate Unreviewed
CVE-2023-39231 was published Oct 25, 2023
The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2021-4353 was published Oct 20, 2023
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource... Moderate Unreviewed
CVE-2023-30946 was published Jun 29, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up... Moderate Unreviewed
CVE-2021-4373 was published Jun 7, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass... Moderate Unreviewed
CVE-2022-36249 was published May 30, 2023
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be... Moderate Unreviewed
CVE-2022-40725 was published Apr 25, 2023
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2023-20247 was published Nov 1, 2023
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series... Moderate Unreviewed
CVE-2023-20018 was published Jan 20, 2023
A vulnerability in the social login configuration option for the guest users of Cisco Business... Moderate Unreviewed
CVE-2023-20003 was published May 18, 2023
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry... Moderate Unreviewed
CVE-2022-23725 was published Jul 1, 2022
PingID Windows Login prior to 2.8 does not authenticate communication with a local Java service... Moderate Unreviewed
CVE-2022-23719 was published Jul 1, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... Moderate Unreviewed
CVE-2020-15633 was published May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed
CVE-2020-27863 was published May 24, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed
CVE-2020-17409 was published May 24, 2022
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions... Moderate Unreviewed
CVE-2021-32958 was published May 24, 2022
Navigating to a specific URL with a patient ID number will result in the server generating a PDF... Moderate Unreviewed
CVE-2022-1067 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database