GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
869 advisories
Filter by severity
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the...
High
Unreviewed
CVE-2024-45982
was published
Sep 26, 2024
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2...
High
Unreviewed
CVE-2024-44860
was published
Sep 26, 2024
An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute...
High
Unreviewed
CVE-2024-41605
was published
Sep 26, 2024
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and...
High
Unreviewed
CVE-2024-46609
was published
Sep 25, 2024
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering...
High
Unreviewed
CVE-2024-46607
was published
Sep 25, 2024
Microsoft Office Visio Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38016
was published
Sep 19, 2024
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user...
High
Unreviewed
CVE-2023-43626
was published
Sep 16, 2024
OMFLOW from The SYSCOM Group does not properly restrict access to the system settings...
High
Unreviewed
CVE-2024-8779
was published
Sep 16, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-8269
was published
Sep 13, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService...
High
Unreviewed
CVE-2024-44571
was published
Sep 11, 2024
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43492
was published
Sep 10, 2024
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15...
High
Unreviewed
CVE-2024-44667
was published
Sep 10, 2024
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43479
was published
Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37341
was published
Sep 10, 2024
Loftware Spectrum through 4.6 has unprotected JMX Registry.
High
Unreviewed
CVE-2023-37234
was published
Sep 10, 2024
In Baxter Connex health portal released before 8/30/2024, an improper access control...
High
Unreviewed
CVE-2024-6796
was published
Sep 9, 2024
An incorrect permission assignment vulnerability allows an attacker to modify product...
High
Unreviewed
CVE-2024-42022
was published
Sep 7, 2024
An improper access control vulnerability allows an attacker with valid access tokens to access...
High
Unreviewed
CVE-2024-42021
was published
Sep 7, 2024
An improper access control vulnerability allows low-privileged users to execute code with...
High
Unreviewed
CVE-2024-42023
was published
Sep 7, 2024
fs.openAsBlob() can bypass the experimental permission model when using the file system read...
High
Unreviewed
CVE-2023-30583
was published
Sep 7, 2024
A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental...
High
Unreviewed
CVE-2023-30587
was published
Sep 7, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or...
High
Unreviewed
CVE-2024-45170
was published
Sep 4, 2024
Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow...
High
Unreviewed
CVE-2023-49233
was published
Sep 3, 2024
An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and...
High
Unreviewed
CVE-2024-36068
was published
Aug 27, 2024
Improper access control in Decentralized Identity Services allows an unathenticated attacker to...
High
Unreviewed
CVE-2024-43477
was published
Aug 23, 2024
ProTip!
Advisories are also available from the
GraphQL API