GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
937 advisories
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3...
High | Unreviewed | CVE-2024-23271 was published Apr 24, 2024

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have...
High | Unreviewed | CVE-2024-33666 was published Apr 26, 2024

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from...
High | Unreviewed | CVE-2023-38297 was published Apr 22, 2024

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,...
High | Unreviewed | CVE-2024-31964 was published May 2, 2024

An Improper Certificate Validation could allow a malicious actor with access to an adjacent...
High | Unreviewed | CVE-2024-29207 was published May 7, 2024

Claris International has resolved an issue of potentially allowing unauthorized access to records...
High | Unreviewed | CVE-2024-27790 was published May 14, 2024

Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions...
High | Unreviewed | CVE-2024-34221 was published May 14, 2024

Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow...
High | Unreviewed | CVE-2023-40070 was published May 16, 2024

Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an...
High | Unreviewed | CVE-2023-45217 was published May 16, 2024

An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to...
High | Unreviewed | CVE-2024-37289 was published Jun 11, 2024

Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect...
High | Unreviewed | CVE-2022-45929 was published Jun 20, 2024

An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215...
High | Unreviewed | CVE-2024-37677 was published Jun 24, 2024

karmada vulnerable to arbitrary code execution via a crafted command
High | CVE-2024-33396 was published for github.com/karmada-io/karmada (Go) May 2, 2024

Exposure of Resource to Wrong Sphere in ThinkPHP Framework
High | CVE-2022-25481 was published for topthink/framework (Composer) Mar 22, 2022

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Offer...
High | Unreviewed | CVE-2024-21076 was published Apr 17, 2024

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component:...
High | Unreviewed | CVE-2024-21074 was published Apr 17, 2024

Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated...
High | Unreviewed | CVE-2024-39934 was published Jul 4, 2024

An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 -...
High | Unreviewed | CVE-2024-23663 was published Jul 9, 2024

DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38061 was published Jul 9, 2024

Windows File Explorer Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38100 was published Jul 9, 2024

Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control.
High | Unreviewed | CVE-2024-21740 was published Jun 25, 2024

Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier...
High | Unreviewed | CVE-2021-23178 was published Apr 25, 2023

The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is...
High | Unreviewed | CVE-2024-6737 was published Jul 15, 2024

Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo...
High | Unreviewed | CVE-2021-23203 was published Apr 25, 2023

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier...
High | Unreviewed | CVE-2021-44460 was published Apr 25, 2023
ProTip! Advisories are also available from the GraphQL API.