GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
941 advisories
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows...
Moderate | Unreviewed | CVE-2023-23752 was published Feb 16, 2023

The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions...
Moderate | Unreviewed | CVE-2024-5331 was published Aug 1, 2024

The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by...
Moderate | Unreviewed | CVE-2024-3746 was published Apr 30, 2024

A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 results in broken...
Moderate | Unreviewed | CVE-2024-6727 was published Jul 29, 2024

An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7...
Moderate | Unreviewed | CVE-2024-7057 was published Jul 25, 2024

After the initial setup process, some steps of setup.php file are reachable not only by super...
Moderate | Unreviewed | CVE-2022-23134 was published Feb 9, 2022

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers...
Moderate | Unreviewed | CVE-2016-3715 was published May 14, 2022

A security flaw in Node.js allows a bypass of network import restrictions. By embedding non...
Moderate | Unreviewed | CVE-2024-22020 was published Jul 9, 2024

The thumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing...
Moderate | Unreviewed | CVE-2024-6738 was published Jul 15, 2024

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier...
Moderate | Unreviewed | CVE-2021-44465 was published Apr 25, 2023

Improper access control in reporting engine of l10n_fr_fec module in Odoo Community 15.0 and...
Moderate | Unreviewed | CVE-2021-23176 was published Apr 25, 2023

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4...
Moderate | Unreviewed | CVE-2024-5257 was published Jul 11, 2024

An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7...
Moderate | Unreviewed | CVE-2023-50181 was published Jul 9, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
Moderate | Unreviewed | CVE-2022-32255 was published Jun 15, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
Moderate | Unreviewed | CVE-2022-32256 was published Jun 15, 2022

litellm vulnerable to improper access control in team management
Moderate | CVE-2024-5710 was published for litellm (pip) Jun 27, 2024

Improper Access Control in stitionai/devika
Moderate | Unreviewed | CVE-2024-5821 was published Jul 3, 2024

Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent...
Moderate | Unreviewed | CVE-2024-6428 was published Jul 3, 2024

If a specific sequence of actions is performed when opening a new tab, the triggering principal...
Moderate | Unreviewed | CVE-2024-5687 was published Jun 11, 2024

The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control...
Moderate | Unreviewed | CVE-2024-2749 was published May 14, 2024

Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform...
Moderate | Unreviewed | CVE-2024-22830 was published May 1, 2024

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a...
Moderate | Unreviewed | CVE-2024-22807 was published Apr 22, 2024

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2024-33260 was published Apr 26, 2024

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle...
Moderate | Unreviewed | CVE-2024-21091 was published Apr 17, 2024

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway)...
Moderate | Unreviewed | CVE-2024-21084 was published Apr 17, 2024