Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

937 advisories

Loading
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2024-21114 was published Apr 17, 2024
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager... High Unreviewed
CVE-2024-21067 was published Apr 17, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2024-21110 was published Apr 17, 2024
Authlib has algorithm confusion with asymmetric public keys High
CVE-2024-37568 was published for authlib (pip) Jun 9, 2024
Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file. High Unreviewed
CVE-2024-27497 was published Mar 1, 2024
code-projects Agro-School Management System 1.0 is suffers from Incorrect Access Control. High Unreviewed
CVE-2024-25251 was published Feb 22, 2024
An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload... High Unreviewed
CVE-2024-24386 was published Feb 15, 2024
Dolibarr vulnerable to Cross-Site Request Forgery High
CVE-2024-31503 was published for dolibarr/dolibarr (Composer) Apr 17, 2024
Hargal - CWE-284: Improper Access Control High Unreviewed
CVE-2024-42334 was published Aug 20, 2024
Improper Access Controls allows backend users to overwrite their username when disallowed. High Unreviewed
CVE-2024-27187 was published Aug 20, 2024
The mobile application (com.transsion.videocallenhancer) interface has improper permission... High Unreviewed
CVE-2024-4988 was published May 21, 2024
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to... High Unreviewed
CVE-2024-0036 was published Feb 16, 2024
An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access... High Unreviewed
CVE-2024-33673 was published Apr 26, 2024
An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel... High Unreviewed
CVE-2024-42772 was published Aug 22, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users... High Unreviewed
CVE-2024-42776 was published Aug 22, 2024
An issue in sanluan PublicCMS v.4.0.202302.e allows an attacker to escalate privileges via the... High Unreviewed
CVE-2024-31759 was published Apr 17, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole... High Unreviewed
CVE-2024-36443 was published Aug 22, 2024
Improper access control in Decentralized Identity Services allows an unathenticated attacker to... High Unreviewed
CVE-2024-43477 was published Aug 23, 2024
Mattermost allows unsolicited invites to expose access to local channels High
CVE-2024-39777 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12... High Unreviewed
CVE-2023-47422 was published Feb 21, 2024
Incorrect access control in Reprise License Management Software Reprise License Manager v15.1... High Unreviewed
CVE-2023-44031 was published Feb 3, 2024
An issue in Multilaser RE160 firmware v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01 allows attackers to... High Unreviewed
CVE-2023-38946 was published Mar 6, 2024
A directory listing vulnerability in Customer Support System v1 allows attackers to list... High Unreviewed
CVE-2023-49545 was published Mar 2, 2024
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and... High Unreviewed
CVE-2024-36068 was published Aug 27, 2024
Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order... High Unreviewed
CVE-2023-36644 was published Apr 4, 2024
ProTip! Advisories are also available from the GraphQL API