GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,265 advisories
Filter by severity
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are...
Critical
Unreviewed
CVE-2023-41721
was published
Oct 25, 2023
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15...
High
Unreviewed
CVE-2024-44667
was published
Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37341
was published
Sep 10, 2024
Azure Stack Hub Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-38220
was published
Sep 10, 2024
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43492
was published
Sep 10, 2024
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43479
was published
Sep 10, 2024
An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6...
Moderate
Unreviewed
CVE-2024-45323
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37993
was published
Sep 10, 2024
A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All...
Moderate
Unreviewed
CVE-2024-21483
was published
Mar 12, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control...
Moderate
Unreviewed
CVE-2024-39580
was published
Sep 10, 2024
fs.openAsBlob() can bypass the experimental permission model when using the file system read...
High
Unreviewed
CVE-2023-30583
was published
Sep 7, 2024
A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental...
High
Unreviewed
CVE-2023-30587
was published
Sep 7, 2024
A vulnerability has been identified in Node.js version 20, affecting users of the experimental...
Moderate
Unreviewed
CVE-2023-30582
was published
Sep 7, 2024
In Baxter Connex health portal released before 8/30/2024, an improper access control...
High
Unreviewed
CVE-2024-6796
was published
Sep 9, 2024
An incorrect permission assignment vulnerability allows an attacker to modify product...
High
Unreviewed
CVE-2024-42022
was published
Sep 7, 2024
An improper access control vulnerability allows low-privileged users to execute code with...
High
Unreviewed
CVE-2024-42023
was published
Sep 7, 2024
An improper access control vulnerability allows an attacker with valid access tokens to access...
High
Unreviewed
CVE-2024-42021
was published
Sep 7, 2024
Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality,...
Critical
Unreviewed
CVE-2024-8584
was published
Sep 9, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are...
High
Unreviewed
CVE-2023-46992
was published
Oct 31, 2023
An improper access control vulnerability has been identified in the SonicWall SonicOS management...
Critical
Unreviewed
CVE-2024-40766
was published
Aug 23, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via...
Critical
Unreviewed
CVE-2024-42919
was published
Aug 20, 2024
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the...
Critical
Unreviewed
CVE-2024-42967
was published
Aug 15, 2024
Incorrect Authorization in calibreweb
Moderate
CVE-2022-0273
was published
for
calibreweb
(pip)
Jan 31, 2022
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of...
Moderate
Unreviewed
CVE-2024-28216
was published
Mar 7, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of...
High
Unreviewed
CVE-2024-28215
was published
Mar 7, 2024
ProTip!
Advisories are also available from the
GraphQL API