GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
1,606 advisories
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control...
Severity: High. Unreviewed. CVE-2024-20767 was published Mar 18, 2024.
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) ...
Severity: Moderate. Unreviewed. CVE-2024-1605 was published Mar 18, 2024.
A vulnerability, which was classified as critical, was found in Surya2Developer Hostel Management...
Severity: Moderate. Unreviewed. CVE-2024-2481 was published Mar 15, 2024.
Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5...
Severity: High. Unreviewed. CVE-2024-24693 was published Mar 13, 2024.
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress...
Severity: Moderate. Unreviewed. CVE-2024-20315 was published Mar 13, 2024.
A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the...
Severity: Moderate. Unreviewed. CVE-2024-20322 was published Mar 13, 2024.
A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an...
Severity: Moderate. Unreviewed. CVE-2024-20319 was published Mar 13, 2024.
The disabling function of the user registration page for Heimavista Rpage and Epage is not...
Severity: Moderate. Unreviewed. CVE-2024-2412 was published Mar 13, 2024.
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability
Severity: Moderate. Unreviewed. CVE-2024-26201 was published Mar 12, 2024.
Azure Data Studio Elevation of Privilege Vulnerability
Severity: High. Unreviewed. CVE-2024-26203 was published Mar 12, 2024.
Windows Installer Elevation of Privilege Vulnerability
Severity: High. Unreviewed. CVE-2024-21436 was published Mar 12, 2024.
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
Severity: High. Unreviewed. CVE-2024-21418 was published Mar 12, 2024.
An improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3,...
Severity: High. Unreviewed. CVE-2023-36554 was published Mar 12, 2024.
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The...
Severity: Critical. Unreviewed. CVE-2022-32257 was published Mar 12, 2024.
A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All...
Severity: Moderate. Unreviewed. CVE-2024-21483 was published Mar 12, 2024.
A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been declared...
Severity: Moderate. Unreviewed. CVE-2024-2281 was published Mar 8, 2024.
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of...
Severity: Unknown. Unreviewed. CVE-2024-28215 was published Mar 7, 2024.
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of...
Severity: Unknown. Unreviewed. CVE-2024-28216 was published Mar 7, 2024.
An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to...
Severity: High. Unreviewed. CVE-2024-0199 was published Mar 7, 2024.
If an attacker was given access to an instance with the admin or manager role there is no backend...
Severity: High. Unreviewed. CVE-2024-0795 was published Mar 3, 2024.
A remote attacker may be able to bypass access control of Commend WS203VICM by creating a...
Severity: Critical. Unreviewed. CVE-2024-21767 was published Mar 1, 2024.
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of...
Severity: Moderate. Unreviewed. CVE-2024-20291 was published Feb 29, 2024.
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from...
Severity: High. Unreviewed. CVE-2024-1632 was published Feb 28, 2024.
Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions...
Severity: Moderate. Unreviewed. CVE-2024-22459 was published Feb 28, 2024.
Enable exports of the database and associated exported information of the system via the default...
Severity: High. Unreviewed. CVE-2024-0551 was published Feb 27, 2024.
ProTip! Advisories are also available from the GraphQL API.