GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
937 advisories
Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi...
High | Unreviewed | CVE-2024-29082 was published Aug 12, 2024

A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege...
High | Unreviewed | CVE-2024-7557 was published Aug 12, 2024

RBAC Roles for `etcd` created by Kamaji are not disjunct
High | CVE-2024-42480 was published for github.com/clastix/kamaji (Go) Aug 12, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High | Unreviewed | CVE-2024-41905 was published Aug 13, 2024

Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow...
High | Unreviewed | CVE-2023-31341 was published Aug 13, 2024

Azure Connected Machine Agent Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38162 was published Aug 13, 2024

Azure CycleCloud Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-38195 was published Aug 13, 2024

Windows Update Stack Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38163 was published Aug 14, 2024

Improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow...
High | Unreviewed | CVE-2024-25576 was published Aug 14, 2024

Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may...
High | Unreviewed | CVE-2024-26022 was published Aug 14, 2024

Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default
High | CVE-2024-6221 was published for Flask-Cors (pip) Aug 18, 2024

Improper Access Controls allows backend users to overwrite their username when disallowed.
High | Unreviewed | CVE-2024-27187 was published Aug 20, 2024

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole...
High | Unreviewed | CVE-2024-36443 was published Aug 22, 2024

Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users...
High | Unreviewed | CVE-2024-42776 was published Aug 22, 2024

An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel...
High | Unreviewed | CVE-2024-42772 was published Aug 22, 2024

Improper access control in Decentralized Identity Services allows an unauthenticated attacker to...
High | Unreviewed | CVE-2024-43477 was published Aug 23, 2024

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and...
High | Unreviewed | CVE-2024-36068 was published Aug 27, 2024

Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow...
High | Unreviewed | CVE-2023-49233 was published Sep 3, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or...
High | Unreviewed | CVE-2024-45170 was published Sep 4, 2024

A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental...
High | Unreviewed | CVE-2023-30587 was published Sep 7, 2024

fs.openAsBlob() can bypass the experimental permission model when using the file system read...
High | Unreviewed | CVE-2023-30583 was published Sep 7, 2024

An improper access control vulnerability allows an attacker with valid access tokens to access...
High | Unreviewed | CVE-2024-42021 was published Sep 7, 2024

An incorrect permission assignment vulnerability allows an attacker to modify product...
High | Unreviewed | CVE-2024-42022 was published Sep 7, 2024

An improper access control vulnerability allows low-privileged users to execute code with...
High | Unreviewed | CVE-2024-42023 was published Sep 7, 2024
ProTip! Advisories are also available from the GraphQL API