Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,269 advisories

Loading
A security flaw in Node.js allows a bypass of network import restrictions. By embedding non... Moderate Unreviewed
CVE-2024-22020 was published Jul 9, 2024
Directus incorrectly handles `_in` filter Moderate
CVE-2024-39701 was published for directus (npm) Jul 8, 2024
adelinn
rejetto HFS vulnerable to OS Command Execution by remote authenticated users Critical
CVE-2024-39943 was published for hfs (npm) Jul 5, 2024
Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated... High Unreviewed
CVE-2024-39934 was published Jul 4, 2024
Improper Access Control in stitionai/devika Moderate Unreviewed
CVE-2024-5821 was published Jul 3, 2024
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2, 9.5.x <= 9.5.5 fail to prevent... Moderate Unreviewed
CVE-2024-6428 was published Jul 3, 2024
Mattermost versions 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5 fail to prevent... Low Unreviewed
CVE-2024-39361 was published Jul 3, 2024
Mattermost versions 9.5.x <= 9.5.5 and 9.8.0, when using shared channels with multiple remote... Low Unreviewed
CVE-2024-36257 was published Jul 3, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36989 was published Jul 1, 2024
litellm vulnerable to improper access control in team management Moderate
CVE-2024-5710 was published for litellm (pip) Jun 27, 2024
krrishdholakia byt3bl33d3r
In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with... High Unreviewed
CVE-2024-5714 was published Jun 27, 2024
In version 1.2.7 of lunary-ai/lunary, any authenticated user, regardless of their role, can... Moderate Unreviewed
CVE-2024-6086 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed
CVE-2024-39376 was published Jun 27, 2024
Improper Access Control vulnerability in Talya Informatics Travel APPS allows Exploiting... Moderate Unreviewed
CVE-2024-1153 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11... Critical Unreviewed
CVE-2024-5655 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11... Moderate Unreviewed
CVE-2024-2191 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11... Moderate Unreviewed
CVE-2024-5430 was published Jun 27, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11... Low Unreviewed
CVE-2024-4011 was published Jun 27, 2024
An issue in Safe Exam Browser for Windows before 3.6 allows an attacker to share clipboard data... High Unreviewed
CVE-2024-37742 was published Jun 26, 2024
GigaDevice GD32E103C8T6 devices have Incorrect Access Control. Critical Unreviewed
CVE-2024-21741 was published Jun 25, 2024
Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control. High Unreviewed
CVE-2024-21740 was published Jun 25, 2024
Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 has Incorrect Access Control. An... Critical Unreviewed
CVE-2024-33898 was published Jun 25, 2024
An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215... High Unreviewed
CVE-2024-37677 was published Jun 24, 2024
FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass Moderate
CVE-2024-38873 was published for studiomitte/friendlycaptcha (Composer) Jun 21, 2024
Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect... High Unreviewed
CVE-2022-45929 was published Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database