GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
541 advisories
Filter by severity
DedeCMS V5.7.114 is vulnerable to deletion of any file via mail_file_manage.php.
Critical
Unreviewed
CVE-2024-33749
was published
May 6, 2024
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application...
Moderate
Unreviewed
CVE-2023-41819
was published
May 3, 2024
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-44410
was published
May 3, 2024
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-32168
was published
May 3, 2024
An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute...
Moderate
Unreviewed
CVE-2024-32359
was published
May 2, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight...
High
Unreviewed
CVE-2023-47166
was published
May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating...
High
Unreviewed
CVE-2023-50363
was published
Apr 26, 2024
Quarkus: authorization flaw in quarkus resteasy reactive and classic
Moderate
CVE-2023-5675
was published
for
io.quarkus:quarkus-resteasy-reactive-common
(Maven)
Apr 25, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for...
High
Unreviewed
CVE-2023-3758
was published
Apr 18, 2024
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed...
Moderate
Unreviewed
CVE-2024-3840
was published
Apr 17, 2024
OpenFGA Authorization Bypass
High
CVE-2024-31452
was published
for
github.com/openfga/openfga
(Go)
Apr 16, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members...
Critical
Unreviewed
CVE-2024-1741
was published
Apr 10, 2024
Azure Migrate Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-26193
was published
Apr 9, 2024
Permission verification vulnerability in the Settings module.
Impact: Successful exploitation of...
High
Unreviewed
CVE-2023-52539
was published
Apr 8, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected...
Moderate
Unreviewed
CVE-2024-3434
was published
Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
Low
CVE-2024-30260
was published
for
undici
(npm)
Apr 4, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Computer...
Moderate
Unreviewed
CVE-2024-3139
was published
Apr 2, 2024
A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-3013
was published
Mar 28, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest...
High
Unreviewed
CVE-2024-0077
was published
Mar 28, 2024
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco...
Moderate
Unreviewed
CVE-2024-20333
was published
Mar 27, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited...
High
Unreviewed
CVE-2024-28029
was published
Mar 22, 2024
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace
High
CVE-2024-29033
was published
for
oauthenticator
(pip)
Mar 20, 2024
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as...
Moderate
Unreviewed
CVE-2024-2641
was published
Mar 20, 2024
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-2557
was published
Mar 17, 2024
An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0...
Moderate
Unreviewed
CVE-2024-21761
was published
Mar 12, 2024
ProTip!
Advisories are also available from the
GraphQL API