GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,269 advisories
Filter by severity
A security flaw in Node.js allows a bypass of network import restrictions.
By embedding non...
Moderate
Unreviewed
CVE-2024-22020
was published
Jul 9, 2024
Directus incorrectly handles `_in` filter
Moderate
CVE-2024-39701
was published
for
directus
(npm)
Jul 8, 2024
rejetto HFS vulnerable to OS Command Execution by remote authenticated users
Critical
CVE-2024-39943
was published
for
hfs
(npm)
Jul 5, 2024
Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated...
High
Unreviewed
CVE-2024-39934
was published
Jul 4, 2024
Improper Access Control in stitionai/devika
Moderate
Unreviewed
CVE-2024-5821
was published
Jul 3, 2024
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent...
Moderate
Unreviewed
CVE-2024-6428
was published
Jul 3, 2024
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent...
Low
Unreviewed
CVE-2024-39361
was published
Jul 3, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote...
Low
Unreviewed
CVE-2024-36257
was published
Jul 3, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
High
Unreviewed
CVE-2024-36989
was published
Jul 1, 2024
litellm vulnerable to improper access control in team management
Moderate
CVE-2024-5710
was published
for
litellm
(pip)
Jun 27, 2024
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with...
High
Unreviewed
CVE-2024-5714
was published
Jun 27, 2024
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can...
Moderate
Unreviewed
CVE-2024-6086
was published
Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive...
Critical
Unreviewed
CVE-2024-39376
was published
Jun 27, 2024
Improper Access Control vulnerability in Talya Informatics Travel APPS allows Exploiting...
Moderate
Unreviewed
CVE-2024-1153
was published
Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11...
Critical
Unreviewed
CVE-2024-5655
was published
Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11...
Moderate
Unreviewed
CVE-2024-2191
was published
Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11...
Moderate
Unreviewed
CVE-2024-5430
was published
Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11...
Low
Unreviewed
CVE-2024-4011
was published
Jun 27, 2024
An issue in Safe Exam Browser for Windows before 3.6 allows an attacker to share clipboard data...
High
Unreviewed
CVE-2024-37742
was published
Jun 26, 2024
GigaDevice GD32E103C8T6 devices have Incorrect Access Control.
Critical
Unreviewed
CVE-2024-21741
was published
Jun 25, 2024
Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control.
High
Unreviewed
CVE-2024-21740
was published
Jun 25, 2024
Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 has Incorrect Access Control. An...
Critical
Unreviewed
CVE-2024-33898
was published
Jun 25, 2024
An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215...
High
Unreviewed
CVE-2024-37677
was published
Jun 24, 2024
FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass
Moderate
CVE-2024-38873
was published
for
studiomitte/friendlycaptcha
(Composer)
Jun 21, 2024
Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect...
High
Unreviewed
CVE-2022-45929
was published
Jun 20, 2024
ProTip!
Advisories are also available from the
GraphQL API