GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
387 advisories
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The...
Critical, Unreviewed. CVE-2022-32257 was published Mar 12, 2024

An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows...
Critical, Unreviewed. CVE-2023-51786 was published Mar 7, 2024

Incorrect access control in Book Store Management System v1 allows attackers to access...
Critical, Unreviewed. CVE-2023-49543 was published Mar 2, 2024

A remote attacker may be able to bypass access control of Commend WS203VICM by creating a...
Critical, Unreviewed. CVE-2024-21767 was published Mar 1, 2024

An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL calls to /diag/eval are not...
Critical, Unreviewed. CVE-2023-49931 was published Feb 29, 2024

An issue was discovered in Couchbase Server before 7.2.4. cURL calls to /diag/eval are not...
Critical, Unreviewed. CVE-2023-49930 was published Feb 29, 2024

An issue was discovered in RWS WorldServer before 11.7.3. Regular users can create users with the...
Critical, Unreviewed. CVE-2022-34270 was published Feb 29, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical, Unreviewed. CVE-2023-42945 was published Feb 21, 2024

4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set...
Critical, Unreviewed. CVE-2024-24300 was published Feb 15, 2024

Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability
Critical, Unreviewed. CVE-2024-21401 was published Feb 13, 2024

Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability
Critical, Unreviewed. CVE-2024-21376 was published Feb 13, 2024

Microsoft Azure Site Recovery Elevation of Privilege Vulnerability
Critical, Unreviewed. CVE-2024-21364 was published Feb 13, 2024

An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the...
Critical, Unreviewed. CVE-2024-24496 was published Feb 8, 2024

Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This...
Critical, Unreviewed. CVE-2024-0642 was published Jan 17, 2024

EverShop at risk to unauthorized access via weak HMAC secret
Critical. CVE-2023-46943 was published for @evershop/evershop (npm) Jan 13, 2024

@clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)
Critical. CVE-2024-22206 was published for @clerk/nextjs (npm) Jan 12, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16...
Critical, Unreviewed. CVE-2023-7028 was published Jan 12, 2024

Drupal Improper Access Control
Critical. CVE-2019-6342 was published for drupal/core (Composer) Jan 11, 2024

Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device...
Critical, Unreviewed. CVE-2022-46025 was published Jan 10, 2024

In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage...
Critical, Unreviewed. CVE-2024-22216 was published Jan 8, 2024

EuroTel ETL3100 versions v01c01 and v01x37 suffer from an unauthenticated configuration...
Critical, Unreviewed. CVE-2023-6930 was published Dec 20, 2023

An improper access control vulnerability exists in RT-AC87U all versions. An attacker may read or...
Critical, Unreviewed. CVE-2023-47678 was published Nov 15, 2023

A vulnerability has been identified in COMOS (All versions). The affected application lacks...
Critical, Unreviewed. CVE-2023-43505 was published Nov 14, 2023

A vulnerability has been identified in COMOS (All versions). The affected application lacks...
Critical, Unreviewed. CVE-2023-46601 was published Nov 14, 2023

SAP Business One installation - version 10.0, does not perform proper authentication and...
Critical, Unreviewed. CVE-2023-31403 was published Nov 14, 2023