GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,361 advisories
In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without...
Critical | Unreviewed | CVE-2024-31815 was published Apr 8, 2024

Improper access control in some Intel(R) VROC software before version 8.0.8.1001 may allow an...
High | Unreviewed | CVE-2023-31271 was published Oct 28, 2024

Access Control Bypass in Spring Security
Critical | CVE-2023-34034 was published for org.springframework.security:spring-security-config (Maven) Jul 19, 2023

TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are...
High | Unreviewed | CVE-2023-46992 was published Oct 31, 2023

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2023-42860 was published Feb 21, 2024

Broken access control in the component /admin/management/users of School Fees Management System...
High | Unreviewed | CVE-2023-49982 was published Mar 21, 2024

Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an...
High | Unreviewed | CVE-2024-2915 was published Mar 26, 2024

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can...
Critical | Unreviewed | CVE-2024-25735 was published Mar 27, 2024

Permission management vulnerability in the lock screen module. Successful exploitation of this...
High | Unreviewed | CVE-2023-52362 was published Feb 18, 2024

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to...
Critical | Unreviewed | CVE-2024-7475 was published Oct 29, 2024

Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost &...
Critical | Unreviewed | CVE-2024-31682 was published Jun 3, 2024

** DISPUTED ** An issue was discovered in SMA Solar Technology products. A secondary...
Critical | Unreviewed | CVE-2017-9855 was published May 13, 2022

Mattermost Server allows user to get private channel names
Moderate | CVE-2024-10241 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024

Improper access control in some Intel(R) oneAPI Toolkit and component software installers before...
Moderate | Unreviewed | CVE-2023-28715 was published Oct 29, 2024

Improper access control in some Intel(R) DSA software before version 23.4.33 may allow an...
Moderate | Unreviewed | CVE-2023-25073 was published Oct 29, 2024

Improper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software...
Moderate | Unreviewed | CVE-2023-33875 was published Oct 29, 2024

Improper access control in some Intel(R) DSA software before version 23.4.33 may allow a...
Moderate | Unreviewed | CVE-2023-35062 was published Oct 29, 2024

Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions...
High | Unreviewed | CVE-2024-34221 was published May 14, 2024

Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15...
High | Unreviewed | CVE-2024-44667 was published Sep 10, 2024

Ghost's improper authentication allows access to member information and actions
Moderate | CVE-2024-43409 was published for @tryghost/portal (npm) Aug 20, 2024

ICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than Expected
Moderate | CVE-2024-50353 was published for ICG.AspNetCore.Utilities.CloudStorage (NuGet) Oct 30, 2024

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-7424 was published Nov 1, 2024

In lunary-ai/lunary version 1.2.5, an improper access control vulnerability exists due to a...
Moderate | Unreviewed | CVE-2024-5248 was published Jun 6, 2024

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability...
Critical | Unreviewed | CVE-2024-7474 was published Oct 29, 2024

In telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2024-20065 was published Jun 3, 2024