Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,051 advisories

Loading
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed... Moderate Unreviewed
CVE-2024-5816 was published Jul 17, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to... High Unreviewed
CVE-2024-8601 was published Sep 9, 2024
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also... Critical Unreviewed
CVE-2023-43119 was published Oct 16, 2023
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore... Moderate Unreviewed
CVE-2024-47159 was published Sep 19, 2024
In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate... Moderate Unreviewed
CVE-2024-47160 was published Sep 19, 2024
app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org... Critical Unreviewed
CVE-2024-46918 was published Sep 16, 2024
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an... High Unreviewed
CVE-2023-47142 was published Feb 2, 2024
IBM CP4BA - Filenet Content Manager Component 5.5.8.0, 5.5.10.0, and 5.5.11.0 could allow a user... Moderate Unreviewed
CVE-2023-47716 was published Mar 1, 2024
Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows... Critical Unreviewed
CVE-2024-8606 was published Sep 23, 2024
Permissions not properly checked in Invenio-Drafts-Resources Moderate
CVE-2021-43781 was published for invenio-app-rdm (pip) Dec 6, 2021
lnielsen
Authorization Bypass in I hate money Moderate
CVE-2020-15120 was published for ihatemoney (pip) Jul 27, 2020
zorun
Possible pod name collisions in jupyterhub-kubespawner High
CVE-2020-15110 was published for jupyterhub-kubespawner (pip) Jul 22, 2020
Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On... Critical Unreviewed
CVE-2024-6593 was published Sep 25, 2024
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard... Critical Unreviewed
CVE-2024-6592 was published Sep 25, 2024
Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10... Unknown Unreviewed
CVE-2024-6512 was published Sep 25, 2024
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos... High Unreviewed
CVE-2024-2698 was published Jun 12, 2024
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for... Moderate Unreviewed
CVE-2024-20510 was published Sep 25, 2024
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows... High Unreviewed
CVE-2024-7108 was published Sep 26, 2024
Mattermost versions 9.10.x <= 9.10.1, 9.9.x <= 9.9.2, 9.5.x <= 9.5.8 fail to limit access to... Moderate Unreviewed
CVE-2024-9155 was published Sep 26, 2024
Apache Submarine Server Core Incorrect Authorization vulnerability Critical
CVE-2024-36265 was published for apache-submarine (Maven) Jun 12, 2024
OpenStack Keystone V3 /credentials endpoint policy logic allows to change credentials owner or target project ID High
CVE-2020-12691 was published for keystone (pip) May 24, 2022
OpenStack Keystone Insufficient token expiration High
CVE-2012-5563 was published for keystone (pip) May 17, 2022
A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed... High Unreviewed
CVE-2023-0971 was published Jun 21, 2023
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-9082 was published Sep 22, 2024
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an... Moderate Unreviewed
CVE-2024-7711 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database