Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

754 advisories

Loading
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control... Moderate Unreviewed
CVE-2024-2749 was published May 14, 2024
Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform... Moderate Unreviewed
CVE-2024-22830 was published May 1, 2024
Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control... Moderate Unreviewed
CVE-2024-28978 was published May 1, 2024
The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by... Moderate Unreviewed
CVE-2024-3746 was published Apr 30, 2024
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-33260 was published Apr 26, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a... Moderate Unreviewed
CVE-2024-22807 was published Apr 22, 2024
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi... Moderate Unreviewed
CVE-2023-43491 was published Apr 17, 2024
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi... Moderate Unreviewed
CVE-2023-45209 was published Apr 17, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... Moderate Unreviewed
CVE-2024-21107 was published Apr 17, 2024
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle... Moderate Unreviewed
CVE-2024-21091 was published Apr 17, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway)... Moderate Unreviewed
CVE-2024-21084 was published Apr 17, 2024
An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause... Moderate Unreviewed
CVE-2024-24487 was published Apr 15, 2024
Users with low privileges (all permissions deselected in the administrator permissions settings)... Moderate Unreviewed
CVE-2024-2731 was published Apr 10, 2024
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-28917 was published Apr 9, 2024
Secure Boot Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-28922 was published Apr 9, 2024
Proxy Driver Spoofing Vulnerability Moderate Unreviewed
CVE-2024-26234 was published Apr 9, 2024
Azure Compute Gallery Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-21424 was published Apr 9, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without... Moderate Unreviewed
CVE-2024-31805 was published Apr 8, 2024
A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This... Moderate Unreviewed
CVE-2024-3270 was published Apr 4, 2024
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn... Moderate Unreviewed
CVE-2024-20283 was published Apr 3, 2024
A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO)... Moderate Unreviewed
CVE-2024-20302 was published Apr 3, 2024
An access control issue in Dreamer CMS v4.0.1 allows attackers to download backup files and leak... Moderate Unreviewed
CVE-2024-25811 was published Mar 21, 2024
Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and... Moderate Unreviewed
CVE-2024-1144 was published Mar 19, 2024
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control... Moderate Unreviewed
CVE-2024-26119 was published Mar 18, 2024
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) ... Moderate Unreviewed
CVE-2024-1605 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API