GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
754 advisories
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control...
Moderate, Unreviewed. CVE-2024-2749 was published May 14, 2024

Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform...
Moderate, Unreviewed. CVE-2024-22830 was published May 1, 2024

Dell OpenManage Enterprise, versions 3.10 and 4.0, contains an Improper Access Control...
Moderate, Unreviewed. CVE-2024-28978 was published May 1, 2024

The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by...
Moderate, Unreviewed. CVE-2024-3746 was published Apr 30, 2024

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component...
Moderate, Unreviewed. CVE-2024-33260 was published Apr 26, 2024

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a...
Moderate, Unreviewed. CVE-2024-22807 was published Apr 22, 2024

An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi...
Moderate, Unreviewed. CVE-2023-43491 was published Apr 17, 2024

An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi...
Moderate, Unreviewed. CVE-2023-45209 was published Apr 17, 2024

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
Moderate, Unreviewed. CVE-2024-21107 was published Apr 17, 2024

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle...
Moderate, Unreviewed. CVE-2024-21091 was published Apr 17, 2024

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway)...
Moderate, Unreviewed. CVE-2024-21084 was published Apr 17, 2024

An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause...
Moderate, Unreviewed. CVE-2024-24487 was published Apr 15, 2024

Users with low privileges (all permissions deselected in the administrator permissions settings)...
Moderate, Unreviewed. CVE-2024-2731 was published Apr 10, 2024

Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
Moderate, Unreviewed. CVE-2024-28917 was published Apr 9, 2024

Secure Boot Security Feature Bypass Vulnerability
Moderate, Unreviewed. CVE-2024-28922 was published Apr 9, 2024

Azure Compute Gallery Elevation of Privilege Vulnerability
Moderate, Unreviewed. CVE-2024-21424 was published Apr 9, 2024

TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without...
Moderate, Unreviewed. CVE-2024-31805 was published Apr 8, 2024

A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This...
Moderate, Unreviewed. CVE-2024-3270 was published Apr 4, 2024

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn...
Moderate, Unreviewed. CVE-2024-20283 was published Apr 3, 2024

A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO)...
Moderate, Unreviewed. CVE-2024-20302 was published Apr 3, 2024

An access control issue in Dreamer CMS v4.0.1 allows attackers to download backup files and leak...
Moderate, Unreviewed. CVE-2024-25811 was published Mar 21, 2024

Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and...
Moderate, Unreviewed. CVE-2024-1144 was published Mar 19, 2024

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control...
Moderate, Unreviewed. CVE-2024-26119 was published Mar 18, 2024

BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) ...
Moderate, Unreviewed. CVE-2024-1605 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API