Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,265 advisories

Loading
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are... Critical Unreviewed
CVE-2023-41721 was published Oct 25, 2023
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15... High Unreviewed
CVE-2024-44667 was published Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-37341 was published Sep 10, 2024
Azure Stack Hub Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38220 was published Sep 10, 2024
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43492 was published Sep 10, 2024
Microsoft Power Automate Desktop Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43479 was published Sep 10, 2024
An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6... Moderate Unreviewed
CVE-2024-45323 was published Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All... Moderate Unreviewed
CVE-2024-37993 was published Sep 10, 2024
A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) (All... Moderate Unreviewed
CVE-2024-21483 was published Mar 12, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control... Moderate Unreviewed
CVE-2024-39580 was published Sep 10, 2024
fs.openAsBlob() can bypass the experimental permission model when using the file system read... High Unreviewed
CVE-2023-30583 was published Sep 7, 2024
A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental... High Unreviewed
CVE-2023-30587 was published Sep 7, 2024
A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed
CVE-2023-30582 was published Sep 7, 2024
In Baxter Connex health portal released before 8/30/2024, an improper access control... High Unreviewed
CVE-2024-6796 was published Sep 9, 2024
An incorrect permission assignment vulnerability allows an attacker to modify product... High Unreviewed
CVE-2024-42022 was published Sep 7, 2024
An improper access control vulnerability allows low-privileged users to execute code with... High Unreviewed
CVE-2024-42023 was published Sep 7, 2024
An improper access control vulnerability allows an attacker with valid access tokens to access... High Unreviewed
CVE-2024-42021 was published Sep 7, 2024
Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality,... Critical Unreviewed
CVE-2024-8584 was published Sep 9, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are... High Unreviewed
CVE-2023-46992 was published Oct 31, 2023
An improper access control vulnerability has been identified in the SonicWall SonicOS management... Critical Unreviewed
CVE-2024-40766 was published Aug 23, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via... Critical Unreviewed
CVE-2024-42919 was published Aug 20, 2024
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42967 was published Aug 15, 2024
Incorrect Authorization in calibreweb Moderate
CVE-2022-0273 was published for calibreweb (pip) Jan 31, 2022
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of... Moderate Unreviewed
CVE-2024-28216 was published Mar 7, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of... High Unreviewed
CVE-2024-28215 was published Mar 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database