Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,005 advisories

Loading
Capsule tenant owner with "patch namespace" permission can hijack system namespaces High
CVE-2024-39690 was published for github.com/projectcapsule/capsule (Go) Aug 20, 2024
sparkEchooo
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of... High Unreviewed
CVE-2024-31842 was published Aug 20, 2024
Kirby has insufficient permission checks in the language settings High
CVE-2024-41964 was published for getkirby/cms (Composer) Aug 29, 2024
SebastianEberlein-JUNO
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while... High Unreviewed
CVE-2024-38868 was published Aug 30, 2024
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to... High Unreviewed
CVE-2024-45587 was published Sep 3, 2024
This vulnerability exists due to improper access controls on APIs in the Authentication module of... High Unreviewed
CVE-2024-45586 was published Sep 3, 2024
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to... High Unreviewed
CVE-2024-45588 was published Sep 3, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to... High Unreviewed
CVE-2024-8601 was published Sep 9, 2024
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15... High Unreviewed
CVE-2024-44667 was published Sep 10, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-40770 was published Sep 17, 2024
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A... High Unreviewed
CVE-2024-44162 was published Sep 17, 2024
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows... High Unreviewed
CVE-2024-7108 was published Sep 26, 2024
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If... High Unreviewed
CVE-2024-47560 was published Oct 1, 2024
Pomerium service account access token may grant unintended access to databroker API High
CVE-2024-47616 was published for github.com/pomerium/pomerium (Go) Oct 2, 2024
Parse Server's custom object ID allows to acquire role privileges High
CVE-2024-47183 was published for parse-server (npm) Oct 4, 2024
mstniy mtrezza
Magento Open Source Improper Authorization vulnerability High
CVE-2024-45132 was published for magento/community-edition (Composer) Oct 10, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9... High Unreviewed
CVE-2024-8970 was published Oct 11, 2024
An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-48792 was published Oct 14, 2024
Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site... High Unreviewed
CVE-2024-21265 was published Oct 15, 2024
Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost... High Unreviewed
CVE-2024-21267 was published Oct 15, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2024-21259 was published Oct 15, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21260 was published Oct 15, 2024
Vulnerability in the Oracle Service Contracts product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21280 was published Oct 15, 2024
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component:... High Unreviewed
CVE-2024-21268 was published Oct 15, 2024
Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite ... High Unreviewed
CVE-2024-21270 was published Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database