Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,911 advisories

Loading
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress... Moderate Unreviewed
CVE-2024-20315 was published Mar 13, 2024
A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the... Moderate Unreviewed
CVE-2024-20322 was published Mar 13, 2024
A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an... Moderate Unreviewed
CVE-2024-20319 was published Mar 13, 2024
The disabling function of the user registration page for Heimavista Rpage and Epage is not... Moderate Unreviewed
CVE-2024-2412 was published Mar 13, 2024
Microsoft Intune Linux Agent Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-26201 was published Mar 12, 2024
Azure Data Studio Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-26203 was published Mar 12, 2024
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21436 was published Mar 12, 2024
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21418 was published Mar 12, 2024
A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3,... High Unreviewed
CVE-2023-36554 was published Mar 12, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The... Critical Unreviewed
CVE-2022-32257 was published Mar 12, 2024
A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All... Moderate Unreviewed
CVE-2024-21483 was published Mar 12, 2024
A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-2281 was published Mar 8, 2024
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of... Unknown Unreviewed
CVE-2024-28216 was published Mar 7, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of... Unknown Unreviewed
CVE-2024-28215 was published Mar 7, 2024
An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to... High Unreviewed
CVE-2024-0199 was published Mar 7, 2024
If an attacked was given access to an instance with the admin or manager role there is no backend... High Unreviewed
CVE-2024-0795 was published Mar 3, 2024
A remote attacker may be able to bypass access control of Commend WS203VICM by creating a... Critical Unreviewed
CVE-2024-21767 was published Mar 1, 2024
Mattermost allows attackers access to posts in channels they are not a member of Moderate
CVE-2024-1942 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost fails to properly restrict the access of files attached to posts Low
CVE-2024-23488 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost fails to check the "invite_guest" permission Moderate
CVE-2024-1888 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
Mattermost post fetching without auditing in compliance export Moderate
CVE-2024-1887 was published for github.com/mattermost/mattermost/server/v8 (Go) Feb 29, 2024
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of... Moderate Unreviewed
CVE-2024-20291 was published Feb 29, 2024
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from... High Unreviewed
CVE-2024-1632 was published Feb 28, 2024
Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions... Moderate Unreviewed
CVE-2024-22459 was published Feb 28, 2024
Enable exports of the database and associated exported information of the system via the default... High Unreviewed
CVE-2024-0551 was published Feb 27, 2024
ProTip! Advisories are also available from the GraphQL API