GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
1,606 advisories

An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi...
Moderate | Unreviewed | CVE-2023-43491 was published Apr 17, 2024

A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi...
High | Unreviewed | CVE-2023-45744 was published Apr 17, 2024

An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi...
Moderate | Unreviewed | CVE-2023-45209 was published Apr 17, 2024

The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated...
Critical | Unreviewed | CVE-2024-3777 was published Apr 15, 2024

A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL,...
Critical | Unreviewed | CVE-2024-3765 was published Apr 15, 2024

The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly...
Critical | Unreviewed | CVE-2024-29836 was published Apr 15, 2024

gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access...
High | Unreviewed | CVE-2024-2217 was published Apr 10, 2024

Users with low privileges (all permissions deselected in the administrator permissions settings)...
Moderate | Unreviewed | CVE-2024-2731 was published Apr 10, 2024

Microsoft Defender for IoT Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-29054 was published Apr 9, 2024

Azure CycleCloud Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-29993 was published Apr 9, 2024

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2024-29990 was published Apr 9, 2024

Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
Moderate | Unreviewed | CVE-2024-28917 was published Apr 9, 2024

Microsoft Defender for IoT Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-29055 was published Apr 9, 2024

Secure Boot Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2024-28922 was published Apr 9, 2024

Azure Compute Gallery Elevation of Privilege Vulnerability
Moderate | Unreviewed | CVE-2024-21424 was published Apr 9, 2024

An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive...
Critical | Unreviewed | CVE-2023-1083 was published Apr 9, 2024

Improper access control vulnerability in Apaczka plugin for PrestaShop allows information...
Unknown | Unreviewed | CVE-2024-2759 was published Apr 4, 2024

A vulnerability classified as problematic was found in ThingsBoard up to 3.6.2. This...
Moderate | Unreviewed | CVE-2024-3270 was published Apr 4, 2024

A vulnerability in the tenant security implementation of Cisco Nexus Dashboard Orchestrator (NDO)...
Moderate | Unreviewed | CVE-2024-20302 was published Apr 3, 2024

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to learn...
Moderate | Unreviewed | CVE-2024-20283 was published Apr 3, 2024

Improper Access Control vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Unknown | Unreviewed | CVE-2024-28016 was published Mar 28, 2024

Dell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low...
High | Unreviewed | CVE-2024-25962 was published Mar 27, 2024

Improper access control vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and...
Moderate | Unreviewed | CVE-2024-1144 was published Mar 19, 2024

Adobe Experience Manager versions 6.5.19 and earlier are affected by an Improper Access Control...
Moderate | Unreviewed | CVE-2024-26119 was published Mar 18, 2024

ProTip! Advisories are also available from the GraphQL API.