Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,265 advisories

Loading
The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser... Moderate Unreviewed
CVE-2023-25632 was published Nov 27, 2023
Bonitasoft Runtime Community edition's contains an insecure direct object references vulnerability Moderate
CVE-2024-28087 was published for org.bonitasoft.engine:bonita-server (Maven) May 15, 2024
An issue was discovered in the Boomerang Parental Control application before 13.83 for Android.... Moderate Unreviewed
CVE-2023-36620 was published Nov 3, 2023
An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a... Critical Unreviewed
CVE-2023-46501 was published Nov 7, 2023
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or... High Unreviewed
CVE-2024-45170 was published Sep 4, 2024
Borg Improper Access Control vulnerability High
CVE-2017-15914 was published for borgbackup (pip) May 13, 2022
Mattermost allows remote actor to set arbitrary RemoteId values for synced users Low
CVE-2024-41926 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024
In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access... Critical Unreviewed
CVE-2024-45509 was published Sep 2, 2024
Permission control vulnerability in the call module. Successful exploitation of this... High Unreviewed
CVE-2023-46759 was published Nov 8, 2023
Vulnerability of input parameters being not strictly verified in the input. Successful... Moderate Unreviewed
CVE-2023-46755 was published Nov 8, 2023
Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow... High Unreviewed
CVE-2023-49233 was published Sep 3, 2024
Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device... Critical Unreviewed
CVE-2022-46025 was published Jan 10, 2024
An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in... High Unreviewed
CVE-2024-41518 was published Aug 2, 2024
A vulnerability in UniswapFrontRunBot 0xdB94c allows attackers to cause financial losses via... High Unreviewed
CVE-2023-47034 was published Jan 19, 2024
MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in... Moderate Unreviewed
CVE-2023-41570 was published Nov 15, 2023
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting... Critical Unreviewed
CVE-2024-45522 was published Sep 2, 2024
Incorrect access control in the AdHoc User creation form of EMSigner v2.8.7 allows... Moderate Unreviewed
CVE-2023-43901 was published Nov 14, 2023
EverShop at risk to unauthorized access via weak HMAC secret High
CVE-2023-46943 was published for @evershop/evershop (npm) Jan 13, 2024
An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows... High Unreviewed
CVE-2023-51070 was published Jan 13, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... High Unreviewed
CVE-2024-20932 was published Jan 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... High Unreviewed
CVE-2024-20952 was published Jan 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11... Low Unreviewed
CVE-2024-4011 was published Jun 27, 2024
An improper access control vulnerability exists in GitLab Remote Development affecting all... Moderate Unreviewed
CVE-2023-6955 was published Jan 12, 2024
Powermail TYPO3 extension Broken Access Control in the OutputController Moderate
CVE-2024-45233 was published for in2code/powermail (Composer) Aug 29, 2024
A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 ... High Unreviewed
CVE-2022-23829 was published Jun 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database