Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,269 advisories

Loading
Moodle BigBlueButton web service leaks meeting joining information Moderate
CVE-2024-38273 was published for moodle/moodle (Composer) Jun 18, 2024
Improper Access Control vulnerability in Talya Informatics Travel APPS allows Exploiting... Moderate Unreviewed
CVE-2024-1153 was published Jun 27, 2024
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can... Moderate Unreviewed
CVE-2024-6086 was published Jun 27, 2024
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with... High Unreviewed
CVE-2024-5714 was published Jun 27, 2024
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2023-27350 was published Apr 20, 2023
Apache Tomcat Improper Access Control vulnerability Critical
CVE-2016-8735 was published for org.apache.tomcat:tomcat-catalina (Maven) May 13, 2022
sunSUNQ westonsteimel
liususan091219
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36989 was published Jul 1, 2024
** DISPUTED ** An issue was discovered in SMA Solar Technology products. A secondary... Critical Unreviewed
CVE-2017-9855 was published May 13, 2022
An improper access control vulnerability exists in RT-AC87U all versions. An attacker may read or... Critical Unreviewed
CVE-2023-47678 was published Nov 15, 2023
Vulnerability of improper access control in the media library module.Successful exploitation of... High Unreviewed
CVE-2023-52367 was published Feb 18, 2024
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and... High Unreviewed
CVE-2024-28960 was published Mar 29, 2024
An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause... Moderate Unreviewed
CVE-2024-24487 was published Apr 15, 2024
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle... Moderate Unreviewed
CVE-2024-21091 was published Apr 17, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway)... Moderate Unreviewed
CVE-2024-21084 was published Apr 17, 2024
HCL Connections contains a broken access control vulnerability that may expose sensitive... Low Unreviewed
CVE-2024-30107 was published Apr 18, 2024
An issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or... High Unreviewed
CVE-2024-31846 was published Apr 19, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a... High Unreviewed
CVE-2024-22811 was published Apr 22, 2024
A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3... High Unreviewed
CVE-2024-23271 was published Apr 24, 2024
An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have... High Unreviewed
CVE-2024-33666 was published Apr 26, 2024
Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component... Moderate Unreviewed
CVE-2024-33260 was published Apr 26, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a... Moderate Unreviewed
CVE-2024-22807 was published Apr 22, 2024
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from... High Unreviewed
CVE-2023-38297 was published Apr 22, 2024
Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0 and... Critical Unreviewed
CVE-2023-49473 was published Apr 30, 2024
Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform... Moderate Unreviewed
CVE-2024-22830 was published May 1, 2024
A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,... High Unreviewed
CVE-2024-31964 was published May 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database