Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,669 advisories

Loading
Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3... Moderate Unreviewed
CVE-2024-25604 was published Feb 20, 2024
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage... Moderate Unreviewed
CVE-2024-28174 was published Mar 6, 2024
A privilege escalation vulnerability was discovered in GitLab affecting versions 16.8 prior to 16... Moderate Unreviewed
CVE-2024-1299 was published Mar 7, 2024
In JetBrains YouTrack before 2024.1.25893 user without appropriate permissions could restore... Moderate Unreviewed
CVE-2024-28229 was published Mar 7, 2024
SAP Fiori Front End Server - version 605, allows altering of approver details on the read-only... Moderate Unreviewed
CVE-2024-22133 was published Mar 12, 2024
A vulnerability has been identified in Siveillance Control (All versions >= V2.8 < V3.1.1). The... Moderate Unreviewed
CVE-2023-45793 was published Mar 12, 2024
In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report... Critical Unreviewed
CVE-2024-25652 was published Mar 14, 2024
Improper authorization in the report management and creation module of BMC Control-M branches 9.0... Moderate Unreviewed
CVE-2024-1604 was published Mar 18, 2024
Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows... High Unreviewed
CVE-2023-6400 was published Mar 27, 2024
In JetBrains TeamCity before 2024.03 authenticated users without administrative permissions could... Moderate Unreviewed
CVE-2024-31134 was published Mar 28, 2024
In lunary-ai/lunary version 1.0.1, a vulnerability exists where a user removed from an... Critical Unreviewed
CVE-2024-1740 was published Apr 10, 2024
An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-1625 was published Apr 10, 2024
An incorrect authorization vulnerability exists in the lunary-ai/lunary repository, specifically... Critical Unreviewed
CVE-2024-1738 was published Apr 16, 2024
Incorrect Authorization vulnerability in Supsystic Data Tables Generator.This issue affects Data... Moderate Unreviewed
CVE-2023-25043 was published Apr 17, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16... Moderate Unreviewed
CVE-2024-4006 was published Apr 25, 2024
A vulnerability exists in the web-authentication component of the SDM600. If exploited an... High Unreviewed
CVE-2024-2378 was published Apr 30, 2024
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation... Moderate Unreviewed
CVE-2023-42124 was published May 3, 2024
Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter ... Moderate Unreviewed
CVE-2024-34434 was published May 17, 2024
MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64... High Unreviewed
CVE-2024-3745 was published May 18, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... Moderate Unreviewed
CVE-2024-23669 was published Jun 5, 2024
The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-5324 was published Jun 6, 2024
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including... High Unreviewed
CVE-2024-5130 was published Jun 6, 2024
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-27848 was published Jun 10, 2024
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote... Moderate Unreviewed
CVE-2024-31402 was published Jun 11, 2024
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote... Moderate Unreviewed
CVE-2024-31403 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API