Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

937 advisories

Loading
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3... High Unreviewed
CVE-2024-23271 was published Apr 24, 2024
An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have... High Unreviewed
CVE-2024-33666 was published Apr 26, 2024
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from... High Unreviewed
CVE-2023-38297 was published Apr 22, 2024
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,... High Unreviewed
CVE-2024-31964 was published May 2, 2024
An Improper Certificate Validation could allow a malicious actor with access to an adjacent... High Unreviewed
CVE-2024-29207 was published May 7, 2024
Claris International has resolved an issue of potentially allowing unauthorized access to records... High Unreviewed
CVE-2024-27790 was published May 14, 2024
Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions... High Unreviewed
CVE-2024-34221 was published May 14, 2024
Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow... High Unreviewed
CVE-2023-40070 was published May 16, 2024
Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an... High Unreviewed
CVE-2023-45217 was published May 16, 2024
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to... High Unreviewed
CVE-2024-37289 was published Jun 11, 2024
Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect... High Unreviewed
CVE-2022-45929 was published Jun 20, 2024
An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215... High Unreviewed
CVE-2024-37677 was published Jun 24, 2024
karmada vulnerable to arbitrary code execution via a crafted command High
CVE-2024-33396 was published for github.com/karmada-io/karmada (Go) May 2, 2024
Exposure of Resource to Wrong Sphere in ThinkPHP Framework High
CVE-2022-25481 was published for topthink/framework (Composer) Mar 22, 2022
Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Offer... High Unreviewed
CVE-2024-21076 was published Apr 17, 2024
Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21074 was published Apr 17, 2024
Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated... High Unreviewed
CVE-2024-39934 was published Jul 4, 2024
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 -... High Unreviewed
CVE-2024-23663 was published Jul 9, 2024
DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38061 was published Jul 9, 2024
Windows File Explorer Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38100 was published Jul 9, 2024
Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control. High Unreviewed
CVE-2024-21740 was published Jun 25, 2024
Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier... High Unreviewed
CVE-2021-23178 was published Apr 25, 2023
The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is... High Unreviewed
CVE-2024-6737 was published Jul 15, 2024
Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo... High Unreviewed
CVE-2021-23203 was published Apr 25, 2023
Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier... High Unreviewed
CVE-2021-44460 was published Apr 25, 2023
ProTip! Advisories are also available from the GraphQL API