GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
375 advisories
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical
Unreviewed
CVE-2023-27350
was published
Apr 20, 2023
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11...
Critical
Unreviewed
CVE-2024-5655
was published
Jun 27, 2024
Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t...
Critical
Unreviewed
CVE-2024-5168
was published
May 23, 2024
Wikimedia MediaWiki Incorrect Access Control vulnerability
Critical
CVE-2019-12468
was published
for
mediawiki/core
(Composer)
May 24, 2022
Improper Access Control in Gitea
Critical
CVE-2020-28991
was published
for
github.com/go-gitea/gitea
(Go)
Apr 24, 2024
Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability
Critical
Unreviewed
CVE-2024-21376
was published
Feb 13, 2024
A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL,...
Critical
Unreviewed
CVE-2024-3765
was published
Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
Critical
Unreviewed
CVE-2024-29836
was published
Apr 15, 2024
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-21401
was published
Feb 13, 2024
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-21364
was published
Feb 13, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-29990
was published
Apr 9, 2024
Sielco PolyEco1000 is vulnerable to an authentication bypass vulnerability due...
Critical
Unreviewed
CVE-2023-46665
was published
Oct 26, 2023
Sielco PolyEco1000 is vulnerable to an improper access control vulnerability when...
Critical
Unreviewed
CVE-2023-46664
was published
Oct 26, 2023
A command execution vulnerability exists in the validate.so diag_ping_start functionality of...
Critical
Unreviewed
CVE-2023-32632
was published
Oct 11, 2023
An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325...
Critical
Unreviewed
CVE-2023-24479
was published
Oct 11, 2023
An improper access control vulnerability [CWE-284] in FortiManager management interface 7.2.0...
Critical
Unreviewed
CVE-2023-41679
was published
Oct 10, 2023
Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well...
Critical
Unreviewed
CVE-2023-43696
was published
Oct 9, 2023
A remote unauthorized attacker may connect to the SIM1012, interact with the device and change...
Critical
Unreviewed
CVE-2023-5288
was published
Sep 29, 2023
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation...
Critical
Unreviewed
CVE-2023-31242
was published
Sep 5, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device...
Critical
Unreviewed
CVE-2023-29130
was published
Jul 11, 2023
A vulnerability has been discovered in the customer-managed ShareFile storage zones controller...
Critical
Unreviewed
CVE-2023-24489
was published
Jul 11, 2023
Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and...
Critical
Unreviewed
CVE-2023-1834
was published
Jul 6, 2023
The Pinterest Automatic plugin for WordPress is vulnerable to authorization bypass due to missing...
Critical
Unreviewed
CVE-2021-4380
was published
Jun 7, 2023
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can...
Critical
Unreviewed
CVE-2023-28808
was published
Apr 11, 2023
A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16,...
Critical
Unreviewed
CVE-2020-10731
was published
May 24, 2022
ProTip! Advisories are also available from the GraphQL API.