Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

868 advisories

Loading
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2... High Unreviewed
CVE-2024-44860 was published Sep 26, 2024
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the... High Unreviewed
CVE-2024-45982 was published Sep 26, 2024
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering... High Unreviewed
CVE-2024-46607 was published Sep 25, 2024
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and... High Unreviewed
CVE-2024-46609 was published Sep 25, 2024
Microsoft Office Visio Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38016 was published Sep 19, 2024
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user... High Unreviewed
CVE-2023-43626 was published Sep 16, 2024
OMFLOW from The SYSCOM Group does not properly restrict access to the system settings... High Unreviewed
CVE-2024-8779 was published Sep 16, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-8269 was published Sep 13, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService... High Unreviewed
CVE-2024-44571 was published Sep 11, 2024
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43492 was published Sep 10, 2024
Microsoft Power Automate Desktop Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43479 was published Sep 10, 2024
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15... High Unreviewed
CVE-2024-44667 was published Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-37341 was published Sep 10, 2024
Loftware Spectrum through 4.6 has unprotected JMX Registry. High Unreviewed
CVE-2023-37234 was published Sep 10, 2024
In Baxter Connex health portal released before 8/30/2024, an improper access control... High Unreviewed
CVE-2024-6796 was published Sep 9, 2024
An improper access control vulnerability allows low-privileged users to execute code with... High Unreviewed
CVE-2024-42023 was published Sep 7, 2024
An improper access control vulnerability allows an attacker with valid access tokens to access... High Unreviewed
CVE-2024-42021 was published Sep 7, 2024
An incorrect permission assignment vulnerability allows an attacker to modify product... High Unreviewed
CVE-2024-42022 was published Sep 7, 2024
A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental... High Unreviewed
CVE-2023-30587 was published Sep 7, 2024
fs.openAsBlob() can bypass the experimental permission model when using the file system read... High Unreviewed
CVE-2023-30583 was published Sep 7, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or... High Unreviewed
CVE-2024-45170 was published Sep 4, 2024
Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow... High Unreviewed
CVE-2023-49233 was published Sep 3, 2024
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and... High Unreviewed
CVE-2024-36068 was published Aug 27, 2024
Improper access control in Decentralized Identity Services allows an unathenticated attacker to... High Unreviewed
CVE-2024-43477 was published Aug 23, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users... High Unreviewed
CVE-2024-42776 was published Aug 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database