Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

941 advisories

Loading
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP... Moderate Unreviewed
CVE-2024-0104 was published Aug 8, 2024
An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara... Moderate Unreviewed
CVE-2024-41245 was published Aug 7, 2024
An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara... Moderate Unreviewed
CVE-2024-41244 was published Aug 7, 2024
An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara... Moderate Unreviewed
CVE-2024-41246 was published Aug 7, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u... Moderate Unreviewed
CVE-2024-7154 was published Jul 28, 2024
Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows... Moderate Unreviewed
CVE-2024-21302 was published Aug 8, 2024
An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php... Moderate Unreviewed
CVE-2024-41252 was published Aug 7, 2024
Path traversal allows leaking out-of-bound files from Argo CD repo-server Moderate
CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt
Mattermost allows remote actor to create/update/delete posts in arbitrary channels Moderate
CVE-2024-41144 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
Mattermost allows a remote actor to make an arbitrary local channel read-only Moderate
CVE-2024-41162 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
Mattermost allows a user on a remote to set their remote username prop to an arbitrary string Moderate
CVE-2024-39839 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-34107 was published for magento/community-edition (Composer) Jun 13, 2024
Directus incorrectly handles `_in` filter Moderate
CVE-2024-39701 was published for directus (npm) Jul 8, 2024
adelinn
Mattermost Server Improper Access Control Moderate
CVE-2024-29221 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
Mattermost post fetching without auditing in compliance export Moderate
CVE-2024-1887 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost allows attackers access to posts in channels they are not a member of Moderate
CVE-2024-1942 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost fails to check the "invite_guest" permission Moderate
CVE-2024-1888 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost viewing archived public channels permissions vulnerability Moderate
CVE-2023-47858 was published for github.com/mattermost/mattermost-server/v6 (Go) Jan 2, 2024
Mattermost fails to authenticate the source of certain types of post actions Moderate
CVE-2024-2447 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 5, 2024
An access control issue in Dreamer CMS v4.0.1 allows attackers to download backup files and leak... Moderate Unreviewed
CVE-2024-25811 was published Mar 21, 2024
ZenML Server Remote Privilege Escalation Vulnerability Moderate
CVE-2024-25723 was published for zenml (pip) Feb 27, 2024
hahwul
FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass Moderate
CVE-2024-38873 was published for studiomitte/friendlycaptcha (Composer) Jun 21, 2024
An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through... Moderate Unreviewed
CVE-2024-37386 was published Jul 15, 2024
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card... Moderate Unreviewed
CVE-2019-20473 was published May 24, 2022
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Partners). ... Moderate Unreviewed
CVE-2024-21169 was published Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API