Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,606 advisories

Loading
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi... Moderate Unreviewed
CVE-2023-43491 was published Apr 17, 2024
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi... High Unreviewed
CVE-2023-45744 was published Apr 17, 2024
An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi... Moderate Unreviewed
CVE-2023-45209 was published Apr 17, 2024
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed
CVE-2024-3777 was published Apr 15, 2024
A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL,... Critical Unreviewed
CVE-2024-3765 was published Apr 15, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... Critical Unreviewed
CVE-2024-29836 was published Apr 15, 2024
gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access... High Unreviewed
CVE-2024-2217 was published Apr 10, 2024
Users with low privileges (all permissions deselected in the administrator permissions settings)... Moderate Unreviewed
CVE-2024-2731 was published Apr 10, 2024
Microsoft Defender for IoT Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-29054 was published Apr 9, 2024
Azure CycleCloud Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-29993 was published Apr 9, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-29990 was published Apr 9, 2024
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-28917 was published Apr 9, 2024
Microsoft Defender for IoT Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-29055 was published Apr 9, 2024
Secure Boot Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-28922 was published Apr 9, 2024
Proxy Driver Spoofing Vulnerability Moderate Unreviewed
CVE-2024-26234 was published Apr 9, 2024
Azure Compute Gallery Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-21424 was published Apr 9, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... Unknown Unreviewed
CVE-2024-2759 was published Apr 4, 2024
A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This... Moderate Unreviewed
CVE-2024-3270 was published Apr 4, 2024
A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO)... Moderate Unreviewed
CVE-2024-20302 was published Apr 3, 2024
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn... Moderate Unreviewed
CVE-2024-20283 was published Apr 3, 2024
Improper Access Controlvulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed
CVE-2024-28016 was published Mar 28, 2024
Dell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low... High Unreviewed
CVE-2024-25962 was published Mar 27, 2024
Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and... Moderate Unreviewed
CVE-2024-1144 was published Mar 19, 2024
Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control... Moderate Unreviewed
CVE-2024-26119 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API