GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,896 advisories
CVE-2024-45489 (Critical, Unreviewed, published Sep 20, 2024): Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run...
CVE-2024-46937 (Critical, Unreviewed, published Sep 16, 2024): An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties...
CVE-2023-28372 (Low, Unreviewed, published Oct 3, 2023): A flaw exists in FlashBlade Purity (OE) Version 4.1.0 whereby a user with privileges to extend an...
CVE-2024-24693 (High, Unreviewed, published Mar 13, 2024): Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5...
CVE-2023-49647 (High, Unreviewed, published Jan 13, 2024): Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom...
CVE-2023-36538 (High, Unreviewed, published Jul 11, 2023): Improper access control in Zoom Rooms before version 5.15.0 may allow an authenticated user to...
CVE-2023-22618 (High, Unreviewed, published Oct 4, 2023): If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local...
CVE-2023-28600 (Moderate, Unreviewed, published Jun 13, 2023): Zoom for MacOS clients prior to 5.14.0 contain an improper access control vulnerability. A...
CVE-2024-9003 (Moderate, Unreviewed, published Sep 19, 2024): A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic...
CVE-2023-28603 (High, Unreviewed, published Jun 13, 2023): Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A...
CVE-2024-38016 (High, Unreviewed, published Sep 19, 2024): Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-5365 (Critical, Unreviewed, published Oct 9, 2023): HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or...
CVE-2023-44118 (Critical, Unreviewed, published Oct 11, 2023): Vulnerability of undefined permissions in the MeeTime module. Successful exploitation of this...
CVE-2024-42794 (Moderate, Unreviewed, published Sep 16, 2024): Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax...
CVE-2024-42795 (Moderate, Unreviewed, published Sep 16, 2024): An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music...
CVE-2024-42796 (Moderate, Unreviewed, published Sep 16, 2024): An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in...
CVE-2023-5240 (High, Unreviewed, published Oct 13, 2023): Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and earlier...
CVE-2024-40825 (Moderate, Unreviewed, published Sep 17, 2024): The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15...
CVE-2024-39376 (Critical, Unreviewed, published Jun 27, 2024): TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive...
CVE-2023-43119 (Critical, Unreviewed, published Oct 16, 2023): An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also...
CVE-2023-21849 (High, Unreviewed, published Jan 18, 2023): Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java...
CVE-2023-21852 (High, Unreviewed, published Jan 18, 2023): Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite (component:...
CVE-2023-21851 (High, Unreviewed, published Jan 18, 2023): Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing...
CVE-2023-43336 (High, Unreviewed, published Nov 2, 2023): Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to...
CVE-2023-21846 (High, Unreviewed, published Jan 18, 2023): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security...
ProTip! Advisories are also available from the GraphQL API.