Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

941 advisories

Loading
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows... Moderate Unreviewed
CVE-2023-23752 was published Feb 16, 2023
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions... Moderate Unreviewed
CVE-2024-5331 was published Aug 1, 2024
The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by... Moderate Unreviewed
CVE-2024-3746 was published Apr 30, 2024
A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 results in broken... Moderate Unreviewed
CVE-2024-6727 was published Jul 29, 2024
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7... Moderate Unreviewed
CVE-2024-7057 was published Jul 25, 2024
After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed
CVE-2022-23134 was published Feb 9, 2022
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers... Moderate Unreviewed
CVE-2016-3715 was published May 14, 2022
A security flaw in Node.js allows a bypass of network import restrictions. By embedding non... Moderate Unreviewed
CVE-2024-22020 was published Jul 9, 2024
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing... Moderate Unreviewed
CVE-2024-6738 was published Jul 15, 2024
Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier... Moderate Unreviewed
CVE-2021-44465 was published Apr 25, 2023
Improper access control in reporting engine of l10n_fr_fec module in Odoo Community 15.0 and... Moderate Unreviewed
CVE-2021-23176 was published Apr 25, 2023
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4... Moderate Unreviewed
CVE-2024-5257 was published Jul 11, 2024
An improper access control vulnerability [CWE-284] in Fortinet FortiADC version 7.4.0 through 7... Moderate Unreviewed
CVE-2023-50181 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The... Moderate Unreviewed
CVE-2022-32255 was published Jun 15, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The... Moderate Unreviewed
CVE-2022-32256 was published Jun 15, 2022
litellm vulnerable to improper access control in team management Moderate
CVE-2024-5710 was published for litellm (pip) Jun 27, 2024
krrishdholakia byt3bl33d3r
Improper Access Control in stitionai/devika Moderate Unreviewed
CVE-2024-5821 was published Jul 3, 2024
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent... Moderate Unreviewed
CVE-2024-6428 was published Jul 3, 2024
If a specific sequence of actions is performed when opening a new tab, the triggering principal... Moderate Unreviewed
CVE-2024-5687 was published Jun 11, 2024
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.6.8's access control... Moderate Unreviewed
CVE-2024-2749 was published May 14, 2024
Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform... Moderate Unreviewed
CVE-2024-22830 was published May 1, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a... Moderate Unreviewed
CVE-2024-22807 was published Apr 22, 2024
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-33260 was published Apr 26, 2024
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle... Moderate Unreviewed
CVE-2024-21091 was published Apr 17, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway)... Moderate Unreviewed
CVE-2024-21084 was published Apr 17, 2024
ProTip! Advisories are also available from the GraphQL API