GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,988
Maven: 5,000+
npm: 3,704
NuGet: 661
pip: 3,332
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,846 advisories
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
Moderate, Unreviewed. CVE-2022-21913 was published Jan 12, 2022

Secure Boot Security Feature Bypass Vulnerability.
Moderate, Unreviewed. CVE-2022-21894 was published Jan 12, 2022

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
Moderate, Unreviewed. CVE-2022-21899 was published Jan 12, 2022

In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows...
Critical, Unreviewed. CVE-2024-3379 was published Nov 14, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7...
High, Unreviewed. CVE-2024-9693 was published Nov 14, 2024

Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP before 14300, and...
Moderate, Unreviewed. CVE-2023-34197 was published Jul 7, 2023

Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control,...
Critical, Unreviewed. CVE-2023-31704 was published Jul 13, 2023

A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions ...
High, Unreviewed. CVE-2024-50310 was published Nov 12, 2024

Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail...
Low, Unreviewed. CVE-2024-42000 was published Nov 9, 2024

During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the...
High, Unreviewed. CVE-2023-5553 was published Nov 21, 2023

Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which...
Moderate, Unreviewed. CVE-2024-6979 was published Sep 10, 2024

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3...
High, Unreviewed. CVE-2023-22593 was published Jun 27, 2023

An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in...
Critical, Unreviewed. CVE-2024-42773 was published Aug 22, 2024

Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High, Unreviewed. CVE-2024-45164 was published Nov 4, 2024

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate, Unreviewed. CVE-2024-20537 was published Nov 6, 2024

Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of...
Critical, Unreviewed. CVE-2024-48176 was published Nov 6, 2024

In imgsys, there is a possible system crash due to a missing ptr check. This could lead to local...
Moderate, Unreviewed. CVE-2023-20800 was published Aug 7, 2023

In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via...
High, Unreviewed. CVE-2023-21256 was published Jul 13, 2023

Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin...
High, Unreviewed. CVE-2024-30616 was published Nov 4, 2024

An authentication issue was addressed with improved state management. This issue is fixed in...
Critical, Unreviewed. CVE-2024-23255 was published Mar 8, 2024

In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time...
High, Unreviewed. CVE-2023-21254 was published Jul 13, 2023

In shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a...
Moderate, Unreviewed. CVE-2024-0017 was published Feb 16, 2024

Incorrect Authorization vulnerability in WPChill Htaccess File Editor allows Accessing...
Moderate, Unreviewed. CVE-2024-49256 was published Nov 1, 2024

WTCMS 1.0 is vulnerable to Incorrect Access Control in \Common\Controller\HomebaseController...
Critical, Unreviewed. CVE-2024-48237 was published Oct 26, 2024

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If...
Moderate, Unreviewed. CVE-2024-49501 was published Nov 1, 2024

ProTip! Advisories are also available from the GraphQL API.