Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
Backoffice User can bypass "Publish" restriction Low
CVE-2023-48227 was published for Umbraco.CMS (NuGet) Dec 13, 2023
roie-shmuel
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed... Low Unreviewed
CVE-2023-51380 was published Dec 21, 2023
Nautobot missing object-level permissions enforcement when running Job Buttons Low
CVE-2023-51649 was published for nautobot (pip) Dec 22, 2023
abdikanipd
changedetection.io API endpoint is not secured with API token Low
CVE-2024-23329 was published for changedetection-io (pip) Jan 23, 2024
rozpuszczalny
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0... Low Unreviewed
CVE-2024-20828 was published Feb 6, 2024
Mattermost Jira Plugin does not properly check security levels Low
CVE-2024-24774 was published for github.com/mattermost/mattermost-plugin-jira (Go) Feb 9, 2024
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service Low
CVE-2024-27086 was published for Microsoft.Identity.Client (NuGet) Apr 16, 2024
localden bgavrilMS
gladjohn pmaytak jmprieur christothes ntc-swiss-team
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11... Low Unreviewed
CVE-2024-4011 was published Jun 27, 2024
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services Low
CVE-2024-39324 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within... Low Unreviewed
CVE-2024-8011 was published Aug 25, 2024
Incorrect Authorization vulnerability in Yassine Idrissi Maintenance & Coming Soon Redirect... Low Unreviewed
CVE-2024-43944 was published Aug 29, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to... Low Unreviewed
CVE-2024-44114 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API