Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

375 advisories

Loading
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or... Critical Unreviewed
CVE-2023-5365 was published Oct 9, 2023
Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this... Critical Unreviewed
CVE-2023-44118 was published Oct 11, 2023
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also... Critical Unreviewed
CVE-2023-43119 was published Oct 16, 2023
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed
CVE-2024-39376 was published Jun 27, 2024
SaToken privilege escalation vulnerability Critical
CVE-2023-44794 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are... Critical Unreviewed
CVE-2023-41721 was published Oct 25, 2023
Azure Stack Hub Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38220 was published Sep 10, 2024
An improper access control vulnerability has been identified in the SonicWall SonicOS management... Critical Unreviewed
CVE-2024-40766 was published Aug 23, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via... Critical Unreviewed
CVE-2024-42919 was published Aug 20, 2024
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42967 was published Aug 15, 2024
An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a... Critical Unreviewed
CVE-2023-46501 was published Nov 7, 2023
In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access... Critical Unreviewed
CVE-2024-45509 was published Sep 2, 2024
Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device... Critical Unreviewed
CVE-2022-46025 was published Jan 10, 2024
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting... Critical Unreviewed
CVE-2024-45522 was published Sep 2, 2024
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in... Critical Unreviewed
CVE-2021-47155 was published Mar 18, 2024
Incorrect access control in Book Store Management System v1 allows attackers to access... Critical Unreviewed
CVE-2023-49543 was published Mar 2, 2024
An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows... Critical Unreviewed
CVE-2023-51786 was published Mar 7, 2024
Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has... Critical Unreviewed
CVE-2022-47036 was published Mar 18, 2024
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an... Critical Unreviewed
CVE-2024-7954 was published Aug 23, 2024
An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a... Critical Unreviewed
CVE-2024-28390 was published Mar 14, 2024
LibreChat through 0.7.4-rc1 has incorrect access control for message updates. (Work on a fixed... Critical Unreviewed
CVE-2024-41703 was published Jul 22, 2024
An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in... Critical Unreviewed
CVE-2024-42775 was published Aug 22, 2024
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in... Critical Unreviewed
CVE-2024-40480 was published Aug 12, 2024
An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra... Critical Unreviewed
CVE-2024-38175 was published Aug 20, 2024
An issue in the login component (process_login.php) of Hotel Management System commit 79d688... Critical Unreviewed
CVE-2024-42559 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database