Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,257 advisories

Loading
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore... Moderate Unreviewed
CVE-2024-28229 was published Mar 7, 2024
A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16... Moderate Unreviewed
CVE-2024-1299 was published Mar 7, 2024
An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to... High Unreviewed
CVE-2024-0199 was published Mar 7, 2024
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage... Moderate Unreviewed
CVE-2024-28174 was published Mar 6, 2024
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user... Moderate Unreviewed
CVE-2023-47716 was published Mar 1, 2024
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of... Moderate Unreviewed
CVE-2024-20291 was published Feb 29, 2024
An issue has been discovered in GitLab affecting all versions before 16.7.6, all versions... Low Unreviewed
CVE-2023-3509 was published Feb 22, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2023-42860 was published Feb 21, 2024
Incorrect permissions in the installation directories for shared SystemLink Elixir based services... High Unreviewed
CVE-2024-1155 was published Feb 20, 2024
Incorrect directory permissions for the shared NI RabbitMQ service may allow a local... High Unreviewed
CVE-2024-1156 was published Feb 20, 2024
Permission control vulnerability in the package management module.Successful exploitation of this... High Unreviewed
CVE-2023-52374 was published Feb 18, 2024
The VerifiedBoot module has a vulnerability that may cause authentication errors.Successful... High Unreviewed
CVE-2023-52361 was published Feb 18, 2024
SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an... Moderate Unreviewed
CVE-2024-21987 was published Feb 16, 2024
In shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a... Moderate Unreviewed
CVE-2024-0017 was published Feb 16, 2024
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2024-1482 was published Feb 14, 2024
When LDAP remote authentication is configured on F5OS, a remote user without an assigned role... Moderate Unreviewed
CVE-2024-24966 was published Feb 14, 2024
The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect... Critical Unreviewed
CVE-2023-6036 was published Feb 12, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... High Unreviewed
CVE-2023-51761 was published Feb 9, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Moderate Unreviewed
CVE-2023-43609 was published Feb 9, 2024
An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3,... Moderate Unreviewed
CVE-2023-6564 was published Feb 8, 2024
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0... Low Unreviewed
CVE-2024-20828 was published Feb 6, 2024
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up... Moderate Unreviewed
CVE-2023-6963 was published Feb 6, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2023-32967 was published Feb 2, 2024
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an... High Unreviewed
CVE-2023-47142 was published Feb 2, 2024
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute... High Unreviewed
CVE-2024-22938 was published Jan 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database