Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,177 advisories

Loading
Mattermost failed to properly validate that the channel that comes from the sync message is a shared channel High
CVE-2024-39274 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
The Breakdance plugin for WordPress is vulnerable to unauthorized access of data in all versions... Moderate Unreviewed
CVE-2024-5331 was published Aug 1, 2024
Studio 42 elFinder vulnerable to Incorrect Access Control High
CVE-2024-38909 was published for studio-42/elfinder (Composer) Jul 30, 2024
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control. Critical Unreviewed
CVE-2024-28805 was published Jul 29, 2024
A flaw in versions of Delphix Data Control Tower (DCT) prior to 19.0.0 results in broken... Moderate Unreviewed
CVE-2024-6727 was published Jul 29, 2024
A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u... Moderate Unreviewed
CVE-2024-7154 was published Jul 28, 2024
Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows... Critical Unreviewed
CVE-2024-40117 was published Jul 26, 2024
Insecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate... High Unreviewed
CVE-2024-36542 was published Jul 25, 2024
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7... Moderate Unreviewed
CVE-2024-7057 was published Jul 25, 2024
Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and... High Unreviewed
CVE-2024-36537 was published Jul 24, 2024
Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate... Critical Unreviewed
CVE-2024-36535 was published Jul 24, 2024
Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and... Critical Unreviewed
CVE-2024-36540 was published Jul 24, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... Critical Unreviewed
CVE-2024-38164 was published Jul 24, 2024
LibreChat through 0.7.4-rc1 has incorrect access control for message updates. (Work on a fixed... Critical Unreviewed
CVE-2024-41703 was published Jul 22, 2024
Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E... High Unreviewed
CVE-2024-21153 was published Jul 17, 2024
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Partners). ... Moderate Unreviewed
CVE-2024-21169 was published Jul 17, 2024
An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the... High Unreviewed
CVE-2019-16640 was published Jul 16, 2024
An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through... Moderate Unreviewed
CVE-2024-37386 was published Jul 15, 2024
The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is... High Unreviewed
CVE-2024-6737 was published Jul 15, 2024
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing... Moderate Unreviewed
CVE-2024-6738 was published Jul 15, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11... Critical Unreviewed
CVE-2024-6385 was published Jul 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4... Low Unreviewed
CVE-2024-5470 was published Jul 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.0.4... Moderate Unreviewed
CVE-2024-5257 was published Jul 11, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 16.11... Low Unreviewed
CVE-2024-2880 was published Jul 11, 2024
BookStack Incorrect Access Control vulnerability High
CVE-2024-36676 was published for ssddanbrown/bookstack (Composer) Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API