GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
947 advisories
An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to...
High
Unreviewed
CVE-2024-0199
was published
Mar 7, 2024
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate...
High
Unreviewed
CVE-2023-43318
was published
Mar 6, 2024
Multilaser RE160 v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01, Multilaser RE160V v12.03.01.08_pt and...
High
Unreviewed
CVE-2023-38945
was published
Mar 6, 2024
An issue in Multilaser RE160 firmware v5.07.51_pt_MTL01 and v5.07.52_pt_MTL01 allows attackers to...
High
Unreviewed
CVE-2023-38946
was published
Mar 6, 2024
If an attacker was given access to an instance with the admin or manager role there is no backend...
High
Unreviewed
CVE-2024-0795
was published
Mar 3, 2024
A directory listing vulnerability in Customer Support System v1 allows attackers to list...
High
Unreviewed
CVE-2023-49545
was published
Mar 2, 2024
Linksys E2000 Ver.1.0.06 build 1 is vulnerable to authentication bypass via the position.js file.
High
Unreviewed
CVE-2024-27497
was published
Mar 1, 2024
Low-privileged users with access to the Sitefinity backend may obtain sensitive information from...
High
Unreviewed
CVE-2024-1632
was published
Feb 28, 2024
Enable exports of the database and associated exported information of the system via the default...
High
Unreviewed
CVE-2024-0551
was published
Feb 27, 2024
code-projects Agro-School Management System 1.0 suffers from Incorrect Access Control.
High
Unreviewed
CVE-2024-25251
was published
Feb 22, 2024
An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to...
High
Unreviewed
CVE-2024-0410
was published
Feb 22, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2023-42860
was published
Feb 21, 2024
An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS...
High
Unreviewed
CVE-2023-42838
was published
Feb 21, 2024
An access control issue in /usr/sbin/httpd in Tenda TX9 V1 V22.03.02.54, Tenda AX3 V3 V16.03.12...
High
Unreviewed
CVE-2023-47422
was published
Feb 21, 2024
Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
High
CVE-2024-22234
was published
for
org.springframework.security:spring-security-core
(Maven)
Feb 20, 2024
Insufficiently Protected Credentials, Improper Access Control vulnerability in Brivo ACS100,...
High
Unreviewed
CVE-2023-6259
was published
Feb 20, 2024
Vulnerability of improper access control in the media library module. Successful exploitation of...
High
Unreviewed
CVE-2023-52367
was published
Feb 18, 2024
Permission management vulnerability in the lock screen module. Successful exploitation of this...
High
Unreviewed
CVE-2023-52362
was published
Feb 18, 2024
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to...
High
Unreviewed
CVE-2024-0036
was published
Feb 16, 2024
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an improper access...
High
Unreviewed
CVE-2023-39244
was published
Feb 15, 2024
An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload...
High
Unreviewed
CVE-2024-24386
was published
Feb 15, 2024
TYPO3 vulnerable to Improper Access Control Persisting File Abstraction Layer Entities via Data Handler
High
CVE-2024-25121
was published
for
typo3/cms-core
(Composer)
Feb 13, 2024
Graylog vulnerable to instantiation of arbitrary classes triggered by API request
High
CVE-2024-24824
was published
for
org.graylog2:graylog2-server
(Maven)
Feb 7, 2024
Memory corruption in Automotive Multimedia due to improper access control in HAB.
High
Unreviewed
CVE-2023-43517
was published
Feb 6, 2024
Incorrect access control in Reprise License Management Software Reprise License Manager v15.1...
High
Unreviewed
CVE-2023-44031
was published
Feb 3, 2024