GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
59 advisories
Filter by severity
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is...
Moderate
Unreviewed
CVE-2024-11049
was published
Nov 10, 2024
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate
Unreviewed
CVE-2024-0456
was published
Jan 26, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6...
Moderate
Unreviewed
CVE-2024-0861
was published
Feb 22, 2024
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5,...
Moderate
Unreviewed
CVE-2023-4018
was published
Sep 1, 2023
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update...
Moderate
Unreviewed
CVE-2023-3426
was published
Aug 2, 2023
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web...
Moderate
Unreviewed
CVE-2023-45598
was published
Mar 5, 2024
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the...
Moderate
Unreviewed
CVE-2023-45596
was published
Mar 5, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7753
was published
Aug 14, 2024
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Moderate
Unreviewed
CVE-2023-44320
was published
Nov 14, 2023
An improper authentication vulnerability affecting Vonets
industrial wifi bridge relays...
Moderate
Unreviewed
CVE-2024-42001
was published
Aug 12, 2024
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
Moderate
Unreviewed
CVE-2024-6414
was published
Jun 30, 2024
A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719....
Moderate
Unreviewed
CVE-2024-7153
was published
Jul 28, 2024
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2024-7080
was published
Jul 24, 2024
A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic....
Moderate
Unreviewed
CVE-2024-6188
was published
Jun 20, 2024
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230809. It...
Moderate
Unreviewed
CVE-2023-4544
was published
Aug 26, 2023
Mautic uses predictable page indices for unpublished landing pages, their content can be accessed...
Moderate
Unreviewed
CVE-2024-2730
was published
Apr 10, 2024
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that...
Moderate
Unreviewed
CVE-2023-4800
was published
Oct 16, 2023
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a...
Moderate
Unreviewed
CVE-2015-1313
was published
Jun 29, 2023
The Contour Service was not checking that users had permission to create an analysis for a given...
Moderate
Unreviewed
CVE-2023-22834
was published
Jun 27, 2023
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated...
Moderate
Unreviewed
CVE-2019-17503
was published
May 24, 2022
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the...
Moderate
Unreviewed
CVE-2019-1220
was published
May 24, 2022
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a...
Moderate
Unreviewed
CVE-2019-13981
was published
May 24, 2022
PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso...
Moderate
Unreviewed
CVE-2019-16386
was published
May 24, 2022
PEGA Platform 8.3.0 is vulnerable to Information disclosure via a direct prweb/sso/random_token/...
Moderate
Unreviewed
CVE-2019-16388
was published
May 24, 2022
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive...
Moderate
Unreviewed
CVE-2023-46186
was published
Feb 14, 2024
ProTip!
Advisories are also available from the
GraphQL API