Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,372 advisories

Loading
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows... High Unreviewed
CVE-2024-48546 was published Oct 24, 2024
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding... Critical Unreviewed
CVE-2024-48548 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Yamaha Headphones... High Unreviewed
CVE-2024-48542 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7... High Unreviewed
CVE-2024-48541 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8... High Unreviewed
CVE-2024-48547 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows... High Unreviewed
CVE-2024-48545 was published Oct 24, 2024
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3... High Unreviewed
CVE-2024-48544 was published Oct 24, 2024
Incorrect access control in XIAO HE Smart 4.3.1 allows attackers to access sensitive information... Moderate Unreviewed
CVE-2024-48540 was published Oct 24, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed
CVE-2024-20482 was published Oct 23, 2024
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass... Moderate Unreviewed
CVE-2024-49209 was published Oct 22, 2024
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass... Moderate Unreviewed
CVE-2024-49208 was published Oct 22, 2024
The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0... Critical Unreviewed
CVE-2024-38002 was published Oct 22, 2024
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API Low
CVE-2024-48925 was published for Umbraco.CMS (NuGet) Oct 22, 2024
thanhlam-attt
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2024-10173 was published Oct 20, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed
CVE-2024-29213 was published Oct 19, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with... High Unreviewed
CVE-2024-29821 was published Oct 19, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... Moderate Unreviewed
CVE-2024-20420 was published Oct 16, 2024
Improper Authentication vulnerability in Apache Solr Critical
CVE-2024-45216 was published for org.apache.solr:solr (Maven) Oct 16, 2024
Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field... High Unreviewed
CVE-2024-21271 was published Oct 15, 2024
Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21276 was published Oct 15, 2024
Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E... High Unreviewed
CVE-2024-21278 was published Oct 15, 2024
Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). ... High Unreviewed
CVE-2024-21279 was published Oct 15, 2024
Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface... High Unreviewed
CVE-2024-21275 was published Oct 15, 2024
Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21269 was published Oct 15, 2024
Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite ... High Unreviewed
CVE-2024-21270 was published Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database