Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

941 advisories

Loading
Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability. A... Moderate Unreviewed
CVE-2023-28600 was published Jun 13, 2023
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic... Moderate Unreviewed
CVE-2024-9003 was published Sep 19, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw` Moderate
CVE-2024-45811 was published for vite (npm) Sep 17, 2024
adi1
Directus vulnerable to SSRF Loopback IP filter bypass Moderate
CVE-2024-46990 was published for @directus/api (npm) Sep 18, 2024
r3dpower
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax... Moderate Unreviewed
CVE-2024-42794 was published Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music... Moderate Unreviewed
CVE-2024-42795 was published Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in... Moderate Unreviewed
CVE-2024-42796 was published Sep 16, 2024
Django Access Restrictions Bypass Moderate
CVE-2016-2048 was published for django (pip) May 17, 2022
MarkLee131
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15... Moderate Unreviewed
CVE-2024-40825 was published Sep 17, 2024
Ghost's improper authentication allows access to member information and actions Moderate
CVE-2024-43409 was published for @tryghost/portal (npm) Aug 20, 2024
1337Nerd
Umbraco CMS Improper Access Control vulnerability Moderate
CVE-2024-43377 was published for Umbraco.Cms (NuGet) Aug 20, 2024
Karmasis informatics solutions Infraskope Security Event Manager product has an unauthenticated... Moderate Unreviewed
CVE-2022-24036 was published Nov 16, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: Internal... Moderate Unreviewed
CVE-2023-21860 was published Jan 18, 2023
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications... Moderate Unreviewed
CVE-2023-21922 was published Apr 18, 2023
Vulnerability in the Oracle Banking Virtual Account Management product of Oracle Financial... Moderate Unreviewed
CVE-2023-21905 was published Apr 18, 2023
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Moderate Unreviewed
CVE-2024-36247 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an... Moderate Unreviewed
CVE-2024-32940 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an... Moderate Unreviewed
CVE-2024-34543 was published Sep 16, 2024
Vulnerability in Oracle SQL Developer (component: Installation). Supported versions that are... Moderate Unreviewed
CVE-2023-21969 was published Apr 18, 2023
Lunary improper access control vulnerability Moderate
CVE-2024-6087 was published for lunary (npm) Sep 13, 2024
The leakage of the client secret in Kaibutsunosato v13.6.1 allows attackers to obtain the channel... Moderate Unreviewed
CVE-2023-39731 was published Oct 20, 2023
** UNSUPPORTED WHEN ASSIGNED ** D-Link (Non-US) DSL-2750U N300 ADSL2+ and (Non-US) DSL-2730U N150... Moderate Unreviewed
CVE-2023-46033 was published Oct 19, 2023
Improper Access Control in Apache Airflow Moderate
CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021
sunSUNQ
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10... Moderate Unreviewed
CVE-2023-40708 was published Aug 24, 2023
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2024-20343 was published Sep 11, 2024
ProTip! Advisories are also available from the GraphQL API