GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
937 advisories
Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5...
  High | Unreviewed | CVE-2024-24693 was published Mar 13, 2024
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom...
  High | Unreviewed | CVE-2023-49647 was published Jan 13, 2024
Improper access control in Zoom Rooms before version 5.15.0 may allow an authenticated user to...
  High | Unreviewed | CVE-2023-36538 was published Jul 11, 2023
If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local...
  High | Unreviewed | CVE-2023-22618 was published Oct 4, 2023
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A...
  High | Unreviewed | CVE-2023-28603 was published Jun 13, 2023
Microsoft Office Visio Remote Code Execution Vulnerability
  High | Unreviewed | CVE-2024-38016 was published Sep 19, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process
  High | CVE-2022-25768 was published for mautic/core (Composer) Sep 18, 2024
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and earlier...
  High | Unreviewed | CVE-2023-5240 was published Oct 13, 2023
Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default
  High | CVE-2024-6221 was published for Flask-Cors (pip) Aug 18, 2024
Component takeover in Oracle Data Provider for .NET
  High | CVE-2023-21893 was published for Oracle.ManagedDataAccess (NuGet) Jan 18, 2023
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java...
  High | Unreviewed | CVE-2023-21849 was published Jan 18, 2023
Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite (component:...
  High | Unreviewed | CVE-2023-21852 was published Jan 18, 2023
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
  High | Unreviewed | CVE-2023-21851 was published Jan 18, 2023
Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to...
  High | Unreviewed | CVE-2023-43336 was published Nov 2, 2023
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security...
  High | Unreviewed | CVE-2023-21846 was published Jan 18, 2023
Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component:...
  High | Unreviewed | CVE-2023-21853 was published Jan 18, 2023
Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component...
  High | Unreviewed | CVE-2023-21857 was published Jan 18, 2023
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component:...
  High | Unreviewed | CVE-2023-21850 was published Jan 18, 2023
Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Core...
  High | Unreviewed | CVE-2023-21854 was published Jan 18, 2023
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security...
  High | Unreviewed | CVE-2023-21832 was published Jan 18, 2023
Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and...
  High | Unreviewed | CVE-2023-21828 was published Jan 18, 2023
Karmasis informatics solutions Infraskope Security Event Manager product has an unauthenticated...
  High | Unreviewed | CVE-2022-24038 was published Nov 18, 2022
Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle...
  High | Unreviewed | CVE-2023-21894 was published Jan 18, 2023
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications...
  High | Unreviewed | CVE-2023-21923 was published Apr 18, 2023
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user...
  High | Unreviewed | CVE-2023-43626 was published Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API