Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,257 advisories

Loading
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an... High Unreviewed
CVE-2024-2098 was published Jun 13, 2024
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos... High Unreviewed
CVE-2024-2698 was published Jun 12, 2024
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical... Moderate Unreviewed
CVE-2024-0160 was published Jun 12, 2024
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote... Moderate Unreviewed
CVE-2024-31403 was published Jun 11, 2024
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote... Moderate Unreviewed
CVE-2024-31402 was published Jun 11, 2024
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-27848 was published Jun 10, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor... Moderate Unreviewed
CVE-2022-45168 was published Jun 10, 2024
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including... High Unreviewed
CVE-2024-5130 was published Jun 6, 2024
An improper authorization vulnerability exists in the mintplex-labs/anything-llm application,... Critical Unreviewed
CVE-2024-3033 was published Jun 6, 2024
The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-5324 was published Jun 6, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... Moderate Unreviewed
CVE-2024-23669 was published Jun 5, 2024
Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost &... Critical Unreviewed
CVE-2024-31682 was published Jun 3, 2024
In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions... High Unreviewed
CVE-2024-36963 was published Jun 3, 2024
The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps &... Moderate Unreviewed
CVE-2024-1803 was published May 23, 2024
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11... Moderate Unreviewed
CVE-2024-5258 was published May 23, 2024
Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a... High Unreviewed
CVE-2024-27312 was published May 20, 2024
MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64... High Unreviewed
CVE-2024-3745 was published May 18, 2024
Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter ... Moderate Unreviewed
CVE-2024-34434 was published May 17, 2024
Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result... Moderate Unreviewed
CVE-2024-31409 was published May 15, 2024
An authorization issue was addressed with improved state management. This issue is fixed in macOS... High Unreviewed
CVE-2024-27798 was published May 14, 2024
In multiple locations, there is a possible notification listener grant to an app running in the... High Unreviewed
CVE-2024-0043 was published May 7, 2024
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation... Moderate Unreviewed
CVE-2023-42124 was published May 3, 2024
The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution... Moderate Unreviewed
CVE-2024-3957 was published May 2, 2024
The Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce... Moderate Unreviewed
CVE-2024-1677 was published May 2, 2024
A vulnerability exists in the web-authentication component of the SDM600. If exploited an... High Unreviewed
CVE-2024-2378 was published Apr 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database