GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
821 advisories
Filter by severity
Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). ...
High
Unreviewed
CVE-2024-21279
was published
Oct 15, 2024
Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services...
High
Unreviewed
CVE-2024-21284
was published
Oct 15, 2024
Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common...
High
Unreviewed
CVE-2024-21282
was published
Oct 15, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29213
was published
Oct 19, 2024
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with...
High
Unreviewed
CVE-2024-29821
was published
Oct 19, 2024
Incorrect access control in the firmware update and download processes of Yamaha Headphones...
High
Unreviewed
CVE-2024-48542
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of IVY Smart v4.5.0 allows...
High
Unreviewed
CVE-2024-48545
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Ruochan Smart v4.4.7...
High
Unreviewed
CVE-2024-48541
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3...
High
Unreviewed
CVE-2024-48544
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of DreamCatcher Life v1.8...
High
Unreviewed
CVE-2024-48547
was published
Oct 24, 2024
Incorrect access control in the firmware update and download processes of Wear Sync v1.2.0 allows...
High
Unreviewed
CVE-2024-48546
was published
Oct 24, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45260
was published
Oct 24, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High
Unreviewed
CVE-2024-45261
was published
Oct 24, 2024
OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST...
High
Unreviewed
CVE-2022-30356
was published
Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request...
High
Unreviewed
CVE-2022-30358
was published
Oct 25, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44196
was published
Oct 28, 2024
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
High
Unreviewed
CVE-2024-44289
was published
Oct 28, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1...
High
Unreviewed
CVE-2024-44270
was published
Oct 28, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51426
was published
Oct 30, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51425
was published
Oct 30, 2024
Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin...
High
Unreviewed
CVE-2024-30616
was published
Nov 4, 2024
ProTip!
Advisories are also available from the
GraphQL API