GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
633 advisories
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an...
High | Unreviewed | CVE-2023-47142 was published Feb 2, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
High | Unreviewed | CVE-2024-8601 was published Sep 9, 2024
Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42...
High | Unreviewed | CVE-2022-1401 was published Aug 18, 2022
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High | Unreviewed | CVE-2023-3899 was published Aug 23, 2023
AdTran SRG 834-5 HDC17600021F1 devices (with SmartOS 11.1.1.1 and fixed in Version 12.1.3.1) have...
High | Unreviewed | CVE-2024-31970 was published Jul 24, 2024
This vulnerability exists due to improper access controls on APIs in the Authentication module of...
High | Unreviewed | CVE-2024-45586 was published Sep 3, 2024
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to...
High | Unreviewed | CVE-2024-45587 was published Sep 3, 2024
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to...
High | Unreviewed | CVE-2024-45588 was published Sep 3, 2024
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while...
High | Unreviewed | CVE-2024-38868 was published Aug 30, 2024
Improper authorization in global search in GitLab EE affecting all versions from 16.11 prior to...
High | Unreviewed | CVE-2024-6323 was published Jun 27, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy...
High | Unreviewed | CVE-2024-7265 was published Aug 7, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy...
High | Unreviewed | CVE-2024-7266 was published Aug 7, 2024
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user...
High | Unreviewed | CVE-2024-7697 was published Aug 12, 2024
Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing...
High | Unreviewed | CVE-2024-43250 was published Aug 19, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High | Unreviewed | CVE-2024-42062 was published Aug 7, 2024
Incorrect Authorization vulnerability in WPWeb Docket (WooCommerce Collections / Wishlist /...
High | Unreviewed | CVE-2024-43131 was published Aug 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application...
High | Unreviewed | CVE-2024-41939 was published Aug 13, 2024
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through...
High | Unreviewed | CVE-2024-38856 was published Aug 5, 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0...
High | Unreviewed | CVE-2024-38329 was published Jun 19, 2024
Windows Boot Manager Security Feature Bypass Vulnerability.
High | Unreviewed | CVE-2022-30203 was published Jul 13, 2022
Windows AD FS Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2021-40456 was published May 24, 2022
The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-5324 was published Jun 6, 2024
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5...
High | Unreviewed | CVE-2018-13382 was published May 24, 2022
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sonoma...
High | Unreviewed | CVE-2024-27848 was published Jun 10, 2024
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests...
High | Unreviewed | CVE-2021-3560 was published Feb 17, 2022
ProTip! Advisories are also available from the GraphQL API.