Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,896 advisories

Loading
Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run... Critical Unreviewed
CVE-2024-45489 was published Sep 20, 2024
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic... Moderate Unreviewed
CVE-2024-9003 was published Sep 19, 2024
Microsoft Office Visio Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38016 was published Sep 19, 2024
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15... Moderate Unreviewed
CVE-2024-40825 was published Sep 17, 2024
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music... Moderate Unreviewed
CVE-2024-42795 was published Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in... Moderate Unreviewed
CVE-2024-42796 was published Sep 16, 2024
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax... Moderate Unreviewed
CVE-2024-42794 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Moderate Unreviewed
CVE-2024-36247 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an... Low Unreviewed
CVE-2024-36261 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an... Moderate Unreviewed
CVE-2024-34543 was published Sep 16, 2024
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user... High Unreviewed
CVE-2023-43626 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Low Unreviewed
CVE-2024-28170 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an... Moderate Unreviewed
CVE-2024-32940 was published Sep 16, 2024
OMFLOW from The SYSCOM Group does not properly restrict access to the system settings... High Unreviewed
CVE-2024-8779 was published Sep 16, 2024
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties... Critical Unreviewed
CVE-2024-46937 was published Sep 16, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-8269 was published Sep 13, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService... High Unreviewed
CVE-2024-44571 was published Sep 11, 2024
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2024-20343 was published Sep 11, 2024
Microsoft Power Automate Desktop Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43479 was published Sep 10, 2024
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43492 was published Sep 10, 2024
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15... High Unreviewed
CVE-2024-44667 was published Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-37341 was published Sep 10, 2024
Azure Stack Hub Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38220 was published Sep 10, 2024
Loftware Spectrum through 4.6 has unprotected JMX Registry. High Unreviewed
CVE-2023-37234 was published Sep 10, 2024
An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6... Moderate Unreviewed
CVE-2024-45323 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API