Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

357 advisories

Loading
An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in... Critical Unreviewed
CVE-2023-40039 was published Sep 11, 2023
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in... Critical Unreviewed
CVE-2024-42797 was published Sep 25, 2024
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access... Critical Unreviewed
CVE-2023-43141 was published Sep 25, 2023
Improper Access Control in jupyterhub-firstuseauthenticator Critical
CVE-2021-41194 was published for jupyterhub-firstuseauthenticator (pip) Oct 28, 2021
georgejhunt
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed
CVE-2024-5128 was published Jun 6, 2024
Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run... Critical Unreviewed
CVE-2024-45489 was published Sep 20, 2024
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties... Critical Unreviewed
CVE-2024-46937 was published Sep 16, 2024
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or... Critical Unreviewed
CVE-2023-5365 was published Oct 9, 2023
Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this... Critical Unreviewed
CVE-2023-44118 was published Oct 11, 2023
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also... Critical Unreviewed
CVE-2023-43119 was published Oct 16, 2023
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed
CVE-2024-39376 was published Jun 27, 2024
SaToken privilege escalation vulnerability Critical
CVE-2023-44794 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are... Critical Unreviewed
CVE-2023-41721 was published Oct 25, 2023
Azure Stack Hub Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38220 was published Sep 10, 2024
An improper access control vulnerability has been identified in the SonicWall SonicOS management... Critical Unreviewed
CVE-2024-40766 was published Aug 23, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via... Critical Unreviewed
CVE-2024-42919 was published Aug 20, 2024
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42967 was published Aug 15, 2024
An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a... Critical Unreviewed
CVE-2023-46501 was published Nov 7, 2023
In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access... Critical Unreviewed
CVE-2024-45509 was published Sep 2, 2024
Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device... Critical Unreviewed
CVE-2022-46025 was published Jan 10, 2024
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting... Critical Unreviewed
CVE-2024-45522 was published Sep 2, 2024
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in... Critical Unreviewed
CVE-2021-47155 was published Mar 18, 2024
Incorrect access control in Book Store Management System v1 allows attackers to access... Critical Unreviewed
CVE-2023-49543 was published Mar 2, 2024
An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows... Critical Unreviewed
CVE-2023-51786 was published Mar 7, 2024
Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has... Critical Unreviewed
CVE-2022-47036 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database