GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,703
NuGet: 661
pip: 3,329
Pub: 11
RubyGems: 884
Rust: 843
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
2,232 advisories
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for...
Moderate | Unreviewed | CVE-2024-20510 was published Sep 25, 2024
BTS is affected by information disclosure vulnerability where mobile network operator personnel...
Low | Unreviewed | CVE-2023-25189 was published Sep 25, 2024
Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10...
Moderate | Unreviewed | CVE-2024-6512 was published Sep 25, 2024
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard...
Critical | Unreviewed | CVE-2024-6592 was published Sep 25, 2024
Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On...
Critical | Unreviewed | CVE-2024-6593 was published Sep 25, 2024
Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows...
Critical | Unreviewed | CVE-2024-8606 was published Sep 23, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2024-9082 was published Sep 22, 2024
In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate...
Moderate | Unreviewed | CVE-2024-47160 was published Sep 19, 2024
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore...
Moderate | Unreviewed | CVE-2024-47159 was published Sep 19, 2024
app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org...
Critical | Unreviewed | CVE-2024-46918 was published Sep 16, 2024
An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5...
Moderate | Unreviewed | CVE-2024-2743 was published Sep 12, 2024
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a...
Moderate | Unreviewed | CVE-2024-8691 was published Sep 11, 2024
An access control vulnerability was discovered in the Reports section due to a specific access...
Moderate | Unreviewed | CVE-2024-4465 was published Sep 11, 2024
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15...
High | Unreviewed | CVE-2024-44667 was published Sep 10, 2024
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization...
Moderate | Unreviewed | CVE-2024-42423 was published Sep 10, 2024
Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which...
Moderate | Unreviewed | CVE-2024-6979 was published Sep 10, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to...
Low | Unreviewed | CVE-2024-44114 was published Sep 10, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
High | Unreviewed | CVE-2024-8601 was published Sep 9, 2024
Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to...
Moderate | Unreviewed | CVE-2024-34652 was published Sep 4, 2024
Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local...
Moderate | Unreviewed | CVE-2024-34650 was published Sep 4, 2024
Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to...
Moderate | Unreviewed | CVE-2024-34651 was published Sep 4, 2024
Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers...
Moderate | Unreviewed | CVE-2024-34642 was published Sep 4, 2024
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to...
High | Unreviewed | CVE-2024-45588 was published Sep 3, 2024
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to...
High | Unreviewed | CVE-2024-45587 was published Sep 3, 2024
This vulnerability exists due to improper access controls on APIs in the Authentication module of...
High | Unreviewed | CVE-2024-45586 was published Sep 3, 2024
ProTip! Advisories are also available from the GraphQL API.