GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,083
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,644
NuGet: 638
pip: 3,260
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
2,269 advisories
Moodle BigBlueButton web service leaks meeting joining information
Moderate | CVE-2024-38273 was published for moodle/moodle (Composer) Jun 18, 2024

Improper Access Control vulnerability in Talya Informatics Travel APPS allows Exploiting...
Moderate | Unreviewed | CVE-2024-1153 was published Jun 27, 2024

In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can...
Moderate | Unreviewed | CVE-2024-6086 was published Jun 27, 2024

In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with...
High | Unreviewed | CVE-2024-5714 was published Jun 27, 2024

This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical | Unreviewed | CVE-2023-27350 was published Apr 20, 2023

Apache Tomcat Improper Access Control vulnerability
Critical | CVE-2016-8735 was published for org.apache.tomcat:tomcat-catalina (Maven) May 13, 2022

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
High | Unreviewed | CVE-2024-36989 was published Jul 1, 2024

** DISPUTED ** An issue was discovered in SMA Solar Technology products. A secondary...
Critical | Unreviewed | CVE-2017-9855 was published May 13, 2022

An improper access control vulnerability exists in RT-AC87U all versions. An attacker may read or...
Critical | Unreviewed | CVE-2023-47678 was published Nov 15, 2023

Vulnerability of improper access control in the media library module. Successful exploitation of...
High | Unreviewed | CVE-2023-52367 was published Feb 18, 2024

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and...
High | Unreviewed | CVE-2024-28960 was published Mar 29, 2024

An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause...
Moderate | Unreviewed | CVE-2024-24487 was published Apr 15, 2024

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle...
Moderate | Unreviewed | CVE-2024-21091 was published Apr 17, 2024

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway)...
Moderate | Unreviewed | CVE-2024-21084 was published Apr 17, 2024

HCL Connections contains a broken access control vulnerability that may expose sensitive...
Low | Unreviewed | CVE-2024-30107 was published Apr 18, 2024

An issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or...
High | Unreviewed | CVE-2024-31846 was published Apr 19, 2024

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a...
High | Unreviewed | CVE-2024-22811 was published Apr 22, 2024

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3...
High | Unreviewed | CVE-2024-23271 was published Apr 24, 2024

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have...
High | Unreviewed | CVE-2024-33666 was published Apr 26, 2024

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component...
Moderate | Unreviewed | CVE-2024-33260 was published Apr 26, 2024

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a...
Moderate | Unreviewed | CVE-2024-22807 was published Apr 22, 2024

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from...
High | Unreviewed | CVE-2023-38297 was published Apr 22, 2024

Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0 and...
Critical | Unreviewed | CVE-2023-49473 was published Apr 30, 2024

Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform...
Moderate | Unreviewed | CVE-2024-22830 was published May 1, 2024

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,...
High | Unreviewed | CVE-2024-31964 was published May 2, 2024

ProTip! Advisories are also available from the GraphQL API