Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

325 advisories

Loading
Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve... Critical Unreviewed
CVE-2024-6782 was published Aug 6, 2024
An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of... Critical Unreviewed
CVE-2023-24052 was published Dec 5, 2023
A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows... Critical Unreviewed
CVE-2023-24051 was published Dec 5, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07... Critical Unreviewed
CVE-2023-36091 was published Jul 31, 2023
XWiki programming rights may be inherited by inclusion Critical
CVE-2024-38369 was published for org.xwiki.platform:xwiki-platform-rendering-macro-include (Maven) Jun 24, 2024
Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not... Critical Unreviewed
CVE-2023-38389 was published Jun 21, 2024
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability.... Critical Unreviewed
CVE-2023-22518 was published Oct 31, 2023
nats-io/jwt not enforcing checking of Import token permissions Critical
CVE-2021-3127 was published for github.com/nats-io/jwt (Go) Feb 15, 2022
Buildkit's interactive containers API does not validate entitlements check Critical
CVE-2024-23653 was published for github.com/moby/buildkit (Go) Jan 31, 2024
rmcnamara-snyk
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed
CVE-2022-26501 was published Mar 18, 2022
Grafana Fine-grained access control vulnerability Critical
CVE-2021-41244 was published for github.com/grafana/grafana (Go) May 14, 2024
Drupal Core Access bypass vulnerability Critical
CVE-2020-13665 was published for drupal/core (Composer) May 24, 2022
An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically... Critical Unreviewed
CVE-2024-1738 was published Apr 16, 2024
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a... Critical Unreviewed
CVE-2019-14237 was published May 24, 2022
In lunary-ai/lunary version 1.0.1, a vulnerability exists where a user removed from an... Critical Unreviewed
CVE-2024-1740 was published Apr 10, 2024
BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of... Critical Unreviewed
CVE-2017-9453 was published Sep 5, 2023
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and... Critical Unreviewed
CVE-2023-38035 was published Aug 21, 2023
The Linux DVS server component of Mitel MiVoice Connect through 19.3 SP2 (22.24.1500.0) could... Critical Unreviewed
CVE-2023-32748 was published Aug 14, 2023
KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a... Critical Unreviewed
CVE-2023-33468 was published Aug 9, 2023
In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an... Critical Unreviewed
CVE-2023-36994 was published Jul 7, 2023
Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact... Critical Unreviewed
CVE-2022-44039 was published Jul 6, 2023
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the... Critical Unreviewed
CVE-2022-46080 was published Jul 6, 2023
Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed
CVE-2021-46890 was published Jul 5, 2023
Vulnerability of incomplete read and write permission verification in the GPU module. Successful... Critical Unreviewed
CVE-2021-46891 was published Jul 5, 2023
Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at... Critical Unreviewed
CVE-2023-26258 was published Jul 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database