Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,257 advisories

Loading
In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access... Critical Unreviewed
CVE-2024-45509 was published Sep 2, 2024
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while... High Unreviewed
CVE-2024-38868 was published Aug 30, 2024
Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not... Moderate Unreviewed
CVE-2024-43954 was published Aug 29, 2024
Incorrect Authorization vulnerability in Yassine Idrissi Maintenance & Coming Soon Redirect... Low Unreviewed
CVE-2024-43944 was published Aug 29, 2024
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within... Low Unreviewed
CVE-2024-8011 was published Aug 25, 2024
An Stored Cross-site Scripting vulnerability affects Zohocorp ManageEngine ServiceDesk Plus,... Moderate Unreviewed
CVE-2024-38869 was published Aug 23, 2024
An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in... Critical Unreviewed
CVE-2024-42773 was published Aug 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6... Moderate Unreviewed
CVE-2024-3127 was published Aug 22, 2024
The Themify Builder plugin for WordPress is vulnerable to unauthorized post duplication due to... Moderate Unreviewed
CVE-2024-7836 was published Aug 22, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2024-20466 was published Aug 21, 2024
Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2024-7604 was published Aug 21, 2024
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2024-6337 was published Aug 20, 2024
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an... Moderate Unreviewed
CVE-2024-7711 was published Aug 20, 2024
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of... High Unreviewed
CVE-2024-31842 was published Aug 20, 2024
Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing... High Unreviewed
CVE-2024-43250 was published Aug 19, 2024
Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42966 was published Aug 15, 2024
The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in... High Unreviewed
CVE-2024-7624 was published Aug 15, 2024
Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD... Low Unreviewed
CVE-2021-26387 was published Aug 13, 2024
Incorrect Authorization vulnerability in WPWeb Docket (WooCommerce Collections / Wishlist /... High Unreviewed
CVE-2024-43131 was published Aug 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application... Moderate Unreviewed
CVE-2024-41941 was published Aug 13, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application... High Unreviewed
CVE-2024-41939 was published Aug 13, 2024
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user... High Unreviewed
CVE-2024-7697 was published Aug 12, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy... High Unreviewed
CVE-2024-7266 was published Aug 7, 2024
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy... High Unreviewed
CVE-2024-7265 was published Aug 7, 2024
CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed
CVE-2024-42062 was published Aug 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database