Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,051 advisories

Loading
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss... Moderate Unreviewed
CVE-2024-5860 was published Jun 18, 2024
Acrobat Mobile Sign Android versions 24.4.2.33155 and earlier are affected by an Incorrect... Moderate Unreviewed
CVE-2024-34130 was published Jun 13, 2024
Magento Open Source Incorrect Authorization vulnerability Moderate
CVE-2024-34106 was published for magento/community-edition (Composer) Jun 13, 2024
Globus `identity_provider` restriction ignored when used with `allow_all` in JupyterHub 5.0 High
CVE-2024-37300 was published for oauthenticator (pip) Jun 12, 2024
minrk yuvipanda
manics
Apache Submarine Server Core Incorrect Authorization vulnerability Critical
CVE-2024-36265 was published for apache-submarine (Maven) Jun 12, 2024
Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical... Moderate Unreviewed
CVE-2024-0160 was published Jun 12, 2024
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos... High Unreviewed
CVE-2024-2698 was published Jun 12, 2024
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 6.0.0 allows a remote... Moderate Unreviewed
CVE-2024-31403 was published Jun 11, 2024
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote... Moderate Unreviewed
CVE-2024-31402 was published Jun 11, 2024
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2024-27848 was published Jun 10, 2024
lunary-ai/lunary allows users unauthorized access to projects Critical
CVE-2024-4146 was published for lunary (npm) Jun 8, 2024
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including... High Unreviewed
CVE-2024-5130 was published Jun 6, 2024
The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-5324 was published Jun 6, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... Moderate Unreviewed
CVE-2024-23669 was published Jun 5, 2024
TYPO3 Broken Access Control in Import Module Moderate
GHSA-g776-759r-pf6x was published for typo3/cms-core (Composer) May 30, 2024
Silverstripe SiteTree Creation Permission Vulnerability High
GHSA-3mm9-2p44-rw39 was published for silverstripe/cms (Composer) May 22, 2024
MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64... High Unreviewed
CVE-2024-3745 was published May 18, 2024
Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter ... Moderate Unreviewed
CVE-2024-34434 was published May 17, 2024
Grafana account takeover via OAuth vulnerability High
CVE-2022-31107 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana API IDOR Moderate
CVE-2022-21713 was published for github.com/grafana/grafana (Go) May 14, 2024
Grafana Fine-grained access control vulnerability Critical
CVE-2021-41244 was published for github.com/grafana/grafana (Go) May 14, 2024
Ant Media Server does not properly authorize non-administrative API calls Moderate
CVE-2024-3462 was published for io.antmedia:ant-media-server (Maven) May 14, 2024
Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag High
CVE-2024-34346 was published for deno (Rust) May 8, 2024
mmastrac
Apache Superset Incorrect Authorization vulnerability Moderate
CVE-2024-28148 was published for apache-superset (pip) May 7, 2024
Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation... Moderate Unreviewed
CVE-2023-42124 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database