GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
947 advisories
Azure CycleCloud Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-29993 was published Apr 9, 2024

Microsoft Defender for IoT Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-29054 was published Apr 9, 2024

Microsoft Defender for IoT Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-29055 was published Apr 9, 2024

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all orders...
High | Unreviewed | CVE-2023-36643 was published Apr 4, 2024

Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to receive all order...
High | Unreviewed | CVE-2023-36644 was published Apr 4, 2024

SEMCMS 4.8 is vulnerable to Incorrect Access Control. The code installs SEMCMS_Funtion.php before...
High | Unreviewed | CVE-2024-28405 was published Mar 29, 2024

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and...
High | Unreviewed | CVE-2024-28960 was published Mar 29, 2024

Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for...
High | Unreviewed | CVE-2023-35121 was published Mar 28, 2024

Dell InsightIQ, version 5.0, contains an improper access control vulnerability. A remote low...
High | Unreviewed | CVE-2024-25962 was published Mar 27, 2024

An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can...
High | Unreviewed | CVE-2024-25736 was published Mar 27, 2024

Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by...
High | Unreviewed | CVE-2023-50702 was published Mar 27, 2024

Improper access control in PAM JIT elevation in Devolutions Server 2024.1.6 and earlier allows an...
High | Unreviewed | CVE-2024-2915 was published Mar 26, 2024

Incorrect access control in Customer Support System v1 allows non-administrator users to access...
High | Unreviewed | CVE-2023-49978 was published Mar 21, 2024

Broken access control in the component /admin/management/users of School Fees Management System...
High | Unreviewed | CVE-2023-49982 was published Mar 21, 2024

ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control...
High | Unreviewed | CVE-2024-20767 was published Mar 18, 2024

Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated...
High | Unreviewed | CVE-2022-47037 was published Mar 18, 2024

Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5...
High | Unreviewed | CVE-2024-24693 was published Mar 13, 2024

A login bypass in TOTOLINK A8000RU V7.1cu.643_B20200521 allows attackers to login to...
High | Unreviewed | CVE-2024-28338 was published Mar 12, 2024

Azure Data Studio Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-26203 was published Mar 12, 2024

Windows Installer Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-21436 was published Mar 12, 2024

Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-21418 was published Mar 12, 2024

An improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3,...
High | Unreviewed | CVE-2023-36554 was published Mar 12, 2024

Improper access control vulnerability exists in the specific folder of SKYSEA Client View...
High | Unreviewed | CVE-2024-21805 was published Mar 12, 2024

An access issue was addressed with improved access restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2024-23238 was published Mar 8, 2024

nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of...
High | Unreviewed | CVE-2024-28215 was published Mar 7, 2024

ProTip! Advisories are also available from the GraphQL API.