Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,706
Erlang
34
GitHub Actions
28
Go
2,292
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

46 advisories

Loading
Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote... Moderate Unreviewed
CVE-2024-5801 was published Aug 12, 2024
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10... Moderate Unreviewed
CVE-2023-40708 was published Aug 24, 2023
there is a possible arbitrary read due to an insecure default value. This could lead to local... Moderate Unreviewed
CVE-2024-44096 was published Sep 13, 2024
Certain configuration available in the communication channel for encoders could expose sensitive... Moderate Unreviewed
CVE-2024-22388 was published Feb 7, 2024
Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user... Moderate Unreviewed
CVE-2024-9949 was published Oct 23, 2024
HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused... Moderate Unreviewed
CVE-2024-30124 was published Oct 23, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value,... Moderate Unreviewed
CVE-2020-11917 was published Nov 7, 2024
OpenStack Nova uses insecure keystone middleware tmpdir by default Moderate
CVE-2013-2030 was published for python-keystoneclient (pip) May 17, 2022
Insecure default configurations in HI-SCAN 6040i Hitrax HX-03-19-I allow authenticated attackers... Moderate Unreviewed
CVE-2024-48122 was published Jan 15, 2025
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users... Moderate Unreviewed
CVE-2024-0387 was published Feb 26, 2024
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects... Moderate Unreviewed
CVE-2025-2129 was published Mar 9, 2025
An unauthenticated remote attacker can gain limited information of the PLC network but the user... Moderate Unreviewed
CVE-2024-41975 was published Mar 18, 2025
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have... Moderate Unreviewed
CVE-2025-27809 was published Mar 25, 2025
Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource... Moderate Unreviewed
CVE-2025-29985 was published Apr 8, 2025
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Moderate Unreviewed
CVE-2025-2441 was published Apr 9, 2025
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Moderate Unreviewed
CVE-2025-2442 was published Apr 9, 2025
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting... Moderate Unreviewed
CVE-2017-5491 was published May 13, 2022
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before... Moderate Unreviewed
CVE-2021-33130 was published May 13, 2022
CNCF K3s Kubernetes kubelet configuration exposes credentials Moderate
CVE-2025-46599 was published for github.com/k3s-io/k3s (Go) Apr 25, 2025
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an... Moderate Unreviewed
CVE-2023-48733 was published Feb 15, 2024
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign... Moderate Unreviewed
CVE-2021-47343 was published May 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database