Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper... High Unreviewed
CVE-2024-53295 was published Feb 1, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to... Moderate Unreviewed
CVE-2024-11931 was published Jan 24, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows... Moderate Unreviewed
CVE-2024-13272 was published Jan 9, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful... High Unreviewed
CVE-2024-13256 was published Jan 9, 2025
Outlook for Android Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-43604 was published Oct 8, 2024
Lunary information disclosure vulnerability Moderate
CVE-2024-6867 was published for lunary (npm) Sep 13, 2024
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services Low
CVE-2024-39324 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
aimeos/ai-admin-graphql improper access control vulnerability allows an editor to modify admin account High
CVE-2024-39323 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
lunary-ai/lunary Access Control Vulnerability in Prompt Variation Management Moderate
CVE-2024-5389 was published for lunary (npm) Jun 10, 2024 withdrawn
Improper authorization in zenml Moderate
CVE-2024-2035 was published for zenml (pip) Jun 6, 2024
Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an... High Unreviewed
CVE-2023-45217 was published May 16, 2024
Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow... High Unreviewed
CVE-2023-40070 was published May 16, 2024
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized... Moderate Unreviewed
CVE-2023-43040 was published May 14, 2024
Kimai API returns timesheet entries a user should not be authorized to view Moderate
CVE-2024-29200 was published for kimai/kimai (Composer) Mar 29, 2024
AstroGD
Insufficient Granularity of Access Control vulnerability in OpenText™ Service Management... Moderate Unreviewed
CVE-2023-32259 was published Mar 19, 2024
An access-control flaw was found in the OpenStack Designate component where private configuration... Moderate Unreviewed
CVE-2023-6725 was published Mar 15, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Low Unreviewed
CVE-2024-26246 was published Mar 15, 2024
The disabling function of the user registration page for Heimavista Rpage and Epage is not... Moderate Unreviewed
CVE-2024-2412 was published Mar 13, 2024
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110... High Unreviewed
CVE-2023-44285 was published Dec 14, 2023
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token,... Moderate Unreviewed
CVE-2023-4456 was published Aug 21, 2023
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test... Moderate Unreviewed
CVE-2023-39418 was published Aug 11, 2023
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability High
CVE-2023-33127 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jul 11, 2023
Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to... Moderate Unreviewed
CVE-2023-3227 was published Jun 14, 2023
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0205 was published Apr 22, 2023
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0203 was published Apr 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database