Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup()... Critical Unreviewed
CVE-2024-39800 was published Jan 14, 2025
Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality... Critical Unreviewed
CVE-2024-39788 was published Jan 14, 2025
Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd... Critical Unreviewed
CVE-2024-39795 was published Jan 14, 2025
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup()... Critical Unreviewed
CVE-2024-39798 was published Jan 14, 2025
Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality... Critical Unreviewed
CVE-2024-39789 was published Jan 14, 2025
Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd... Critical Unreviewed
CVE-2024-39794 was published Jan 14, 2025
Multiple external config control vulnerabilities exist in the nas.cgi set_nas() proftpd... Critical Unreviewed
CVE-2024-39793 was published Jan 14, 2025
Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup()... Critical Unreviewed
CVE-2024-39799 was published Jan 14, 2025
Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality... Critical Unreviewed
CVE-2024-39790 was published Jan 14, 2025
An external config control vulnerability exists in the nas.cgi set_smb_cfg() functionality of... Critical Unreviewed
CVE-2024-39280 was published Jan 14, 2025
An external config control vulnerability exists in the openvpn.cgi openvpn_client_setup()... Critical Unreviewed
CVE-2024-38666 was published Jan 14, 2025
An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink... Critical Unreviewed
CVE-2024-39602 was published Jan 14, 2025
Security vulnerability in the HiView module Impact: Successful exploitation of this vulnerability... High Unreviewed
CVE-2024-54097 was published Dec 12, 2024
Information Disclosure vulnerabilities allow access to application configuration information. ... High Unreviewed
CVE-2024-51543 was published Dec 5, 2024
Service Control vulnerabilities allow access to service restart requests and vm configuration... High Unreviewed
CVE-2024-51544 was published Dec 5, 2024
A CWE-15 "External Control of System or Configuration Setting" was discovered affecting the... High Unreviewed
CVE-2024-50358 was published Nov 26, 2024
Flowise OverrideConfig security vulnerability High
GHSA-5cph-wvm9-45gj was published for flowise (npm) Nov 21, 2024
ryanhalliday
Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database... High Unreviewed
CVE-2024-10979 was published Nov 14, 2024
github.com/gitpod-io/gitpod vulnerable to Cookie Tossing Moderate
CVE-2024-21583 was published for github.com/gitpod-io/gitpod (Go) Jul 19, 2024
A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute... Critical Unreviewed
CVE-2024-4326 was published May 16, 2024
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender... High Unreviewed
CVE-2023-6154 was published Apr 1, 2024
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process... High Unreviewed
CVE-2024-1488 was published Feb 15, 2024
Micronaut management endpoints vulnerable to drive-by localhost attack Moderate
CVE-2024-23639 was published for io.micronaut:micronaut-http-server (Maven) Feb 9, 2024
Unauthorized startup vulnerability of background apps. Successful exploitation of this... Moderate Unreviewed
CVE-2023-46764 was published Nov 8, 2023
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed,... Moderate Unreviewed
CVE-2023-43323 was published Sep 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database