Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,265 advisories

Loading
An improper access control vulnerability exists in the mintplex-labs/anything-llm application,... Critical Unreviewed
CVE-2024-3279 was published Aug 12, 2024
Improper access control vulnerability affecting Vonets industrial wifi bridge relays and wifi... High Unreviewed
CVE-2024-29082 was published Aug 12, 2024
A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in... Critical Unreviewed
CVE-2024-40480 was published Aug 12, 2024
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory... Moderate Unreviewed
CVE-2024-41332 was published Aug 12, 2024
SourceCodester Best House Rental Management System v1.0 is vulnerable to Incorrect Access Control... Moderate Unreviewed
CVE-2024-40475 was published Aug 12, 2024
A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege... High Unreviewed
CVE-2024-7557 was published Aug 12, 2024
RBAC Roles for `etcd` created by Kamaji are not disjunct High
CVE-2024-42480 was published for github.com/clastix/kamaji (Go) Aug 12, 2024
SimonKienzler prometherion
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker to craft a URL link... Moderate Unreviewed
CVE-2024-41732 was published Aug 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-41905 was published Aug 13, 2024
An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through... Moderate Unreviewed
CVE-2024-36505 was published Aug 13, 2024
Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow... High Unreviewed
CVE-2023-31341 was published Aug 13, 2024
Azure Connected Machine Agent Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38162 was published Aug 13, 2024
Azure CycleCloud Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38195 was published Aug 13, 2024
Windows Initial Machine Configuration Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-38223 was published Aug 13, 2024
Windows Update Stack Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38163 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39414 was published Aug 14, 2024
Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an... Moderate Unreviewed
CVE-2023-43489 was published Aug 14, 2024
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed
CVE-2024-24986 was published Aug 14, 2024
improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow... High Unreviewed
CVE-2024-25576 was published Aug 14, 2024
Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may... High Unreviewed
CVE-2024-26022 was published Aug 14, 2024
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31... Moderate Unreviewed
CVE-2024-28050 was published Aug 14, 2024
Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42966 was published Aug 15, 2024
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42967 was published Aug 15, 2024
Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default High
CVE-2024-6221 was published for Flask-Cors (pip) Aug 18, 2024
adrianosela Alex-ley-scrub
icarocd
A vulnerability, which was classified as problematic, was found in Anhui Deshun Intelligent... Moderate Unreviewed
CVE-2024-7920 was published Aug 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database