Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

267 advisories

Loading
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21401 was published Feb 13, 2024
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21364 was published Feb 13, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-29990 was published Apr 9, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
Sielco PolyEco1000 is vulnerable to an authentication bypass vulnerability due... Critical Unreviewed
CVE-2023-46665 was published Oct 26, 2023
Sielco PolyEco1000 is vulnerable to an improper access control vulnerability when... Critical Unreviewed
CVE-2023-46664 was published Oct 26, 2023
A command execution vulnerability exists in the validate.so diag_ping_start functionality of... Critical Unreviewed
CVE-2023-32632 was published Oct 11, 2023
An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325... Critical Unreviewed
CVE-2023-24479 was published Oct 11, 2023
An improper access control vulnerability [CWE-284] in FortiManager management interface 7.2.0... Critical Unreviewed
CVE-2023-41679 was published Oct 10, 2023
Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well... Critical Unreviewed
CVE-2023-43696 was published Oct 9, 2023
A remote unauthorized attacker may connect to the SIM1012, interact with the device and change... Critical Unreviewed
CVE-2023-5288 was published Sep 29, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2... Critical Unreviewed
CVE-2023-5009 was published Sep 19, 2023
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation... Critical Unreviewed
CVE-2023-31242 was published Sep 5, 2023
SAP PowerDesigner - version 16.7, has improper access control which might allow an... Critical Unreviewed
CVE-2023-37483 was published Aug 8, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device... Critical Unreviewed
CVE-2023-29130 was published Jul 11, 2023
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller... Critical Unreviewed
CVE-2023-24489 was published Jul 11, 2023
?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain improper access... Critical Unreviewed
CVE-2023-30765 was published Jul 10, 2023
Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and... Critical Unreviewed
CVE-2023-1834 was published Jul 6, 2023
A privilege escalation allowing remote code execution was discovered in the orchestration service. Critical Unreviewed
CVE-2023-2530 was published Jun 7, 2023
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing... Critical Unreviewed
CVE-2021-4380 was published Jun 7, 2023
Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and... Critical Unreviewed
CVE-2023-31241 was published May 22, 2023
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can... Critical Unreviewed
CVE-2023-28808 was published Apr 11, 2023
A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16,... Critical Unreviewed
CVE-2020-10731 was published May 24, 2022
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and... Critical Unreviewed
CVE-2019-5644 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows... Critical Unreviewed
CVE-2019-9531 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API