GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,903 advisories
Filter by severity
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2024-47148
was published
Dec 26, 2024
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects
Moderate
Unreviewed
CVE-2024-56350
was published
Dec 20, 2024
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of...
Moderate
Unreviewed
CVE-2024-56348
was published
Dec 20, 2024
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This...
Moderate
Unreviewed
CVE-2024-12831
was published
Dec 20, 2024
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android...
Critical
Unreviewed
CVE-2023-4617
was published
Dec 19, 2024
Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf...
Critical
Unreviewed
CVE-2024-54662
was published
Dec 17, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in...
Low
Unreviewed
CVE-2024-9654
was published
Dec 17, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a...
High
Unreviewed
CVE-2024-37775
was published
Dec 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5...
Moderate
Unreviewed
CVE-2024-8650
was published
Dec 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5...
Moderate
Unreviewed
CVE-2024-8116
was published
Dec 16, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6...
Low
Unreviewed
CVE-2024-10043
was published
Dec 12, 2024
The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15...
Moderate
Unreviewed
CVE-2024-54495
was published
Dec 12, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An...
High
Unreviewed
CVE-2024-55579
was published
Dec 9, 2024
Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate...
Moderate
Unreviewed
CVE-2024-12247
was published
Dec 5, 2024
Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier...
Moderate
Unreviewed
CVE-2024-12196
was published
Dec 4, 2024
Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and...
Moderate
Unreviewed
CVE-2024-12148
was published
Dec 4, 2024
Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance...
Moderate
Unreviewed
CVE-2023-52944
was published
Dec 4, 2024
Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance...
Moderate
Unreviewed
CVE-2023-52943
was published
Dec 4, 2024
A vulnerability exists where a low-privileged user can exploit insufficient permissions in...
High
Unreviewed
CVE-2024-45204
was published
Dec 4, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent...
High
Unreviewed
CVE-2024-42452
was published
Dec 4, 2024
An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53937
was published
Dec 3, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53941
was published
Dec 3, 2024
Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value...
Critical
Unreviewed
CVE-2024-52732
was published
Dec 2, 2024
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on...
High
Unreviewed
CVE-2024-54124
was published
Nov 29, 2024
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This...
High
Unreviewed
CVE-2018-9374
was published
Nov 28, 2024
ProTip!
Advisories are also available from the
GraphQL API