GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

941 advisories

Filter by severity

Sort by

Least recently updated

An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6... Moderate Unreviewed

CVE-2024-45323 was published Sep 10, 2024

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Moderate Unreviewed

CVE-2024-37993 was published Sep 10, 2024

A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All... Moderate Unreviewed

CVE-2024-21483 was published Mar 12, 2024

Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control... Moderate Unreviewed

CVE-2024-39580 was published Sep 10, 2024

A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed

CVE-2023-30582 was published Sep 7, 2024

Incorrect Authorization in calibreweb Moderate

CVE-2022-0273 was published for calibreweb (pip) Jan 31, 2022

nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of... Moderate Unreviewed

CVE-2024-28216 was published Mar 7, 2024

The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser... Moderate Unreviewed

CVE-2023-25632 was published Nov 27, 2023

Bonitasoft Runtime Community edition's contains an insecure direct object references vulnerability Moderate

CVE-2024-28087 was published for org.bonitasoft.engine:bonita-server (Maven) May 15, 2024

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android.... Moderate Unreviewed

CVE-2023-36620 was published Nov 3, 2023

Vulnerability of input parameters being not strictly verified in the input. Successful... Moderate Unreviewed

CVE-2023-46755 was published Nov 8, 2023

MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in... Moderate Unreviewed

CVE-2023-41570 was published Nov 15, 2023

Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows... Moderate Unreviewed

CVE-2023-43901 was published Nov 14, 2023

An improper access control vulnerability exists in GitLab Remote Development affecting all... Moderate Unreviewed

CVE-2023-6955 was published Jan 12, 2024

Powermail TYPO3 extension Broken Access Control in the OutputController Moderate

CVE-2024-45233 was published for in2code/powermail (Composer) Aug 29, 2024

In queryChildDocuments of FileSystemProvider.java, there is a possible way to request access to... Moderate Unreviewed

CVE-2024-0032 was published Feb 16, 2024

Broken Access Control in the Report functionality of Delinea PAM Secret Server 11.4 allows... Moderate Unreviewed

CVE-2024-25653 was published Mar 14, 2024

An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an... Moderate Unreviewed

CVE-2024-44915 was published Aug 28, 2024

An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an... Moderate Unreviewed

CVE-2024-44913 was published Aug 28, 2024

An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an... Moderate Unreviewed

CVE-2024-44914 was published Aug 28, 2024

A vulnerability in the restricted security domain implementation of Cisco Application Policy... Moderate Unreviewed

CVE-2024-20279 was published Aug 28, 2024

Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability.... Moderate Unreviewed

CVE-2024-26310 was published Feb 21, 2024

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode... Moderate Unreviewed

CVE-2024-8216 was published Aug 27, 2024

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a... Moderate Unreviewed

CVE-2024-5814 was published Aug 27, 2024

Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via ... Moderate Unreviewed

CVE-2024-42766 was published Aug 23, 2024

Previous 1 2 3 4 5 … 37 38 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

941 advisories