Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,072
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,902 advisories

Loading
FriendlyCaptcha Plugin for TYPO3 Captcha Check Bypass Moderate
CVE-2024-38873 was published for studiomitte/friendlycaptcha (Composer) Jun 21, 2024
Moodle BigBlueButton web service leaks meeting joining information Moderate
CVE-2024-38273 was published for moodle/moodle (Composer) Jun 18, 2024
DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa... High Unreviewed
CVE-2024-5650 was published Jun 17, 2024
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the... Moderate Unreviewed
CVE-2024-28966 was published Jun 13, 2024
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the... Moderate Unreviewed
CVE-2024-28968 was published Jun 13, 2024
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the... Moderate Unreviewed
CVE-2024-28969 was published Jun 13, 2024
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the... Moderate Unreviewed
CVE-2024-28967 was published Jun 13, 2024
Dell SCG, versions prior to 5.24.00.00, contain an Improper Access Control vulnerability in the... Moderate Unreviewed
CVE-2024-28965 was published Jun 13, 2024
ColdFusion versions 2023u7, 2021u13 and earlier are affected by an Improper Access Control... High Unreviewed
CVE-2024-34112 was published Jun 13, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... Moderate Unreviewed
CVE-2024-34107 was published Jun 13, 2024
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Access Control... High Unreviewed
CVE-2024-26029 was published Jun 13, 2024
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos... High Unreviewed
CVE-2024-2698 was published Jun 12, 2024
Keycloak's admin API allows low privilege users to use administrative functions High
CVE-2024-3656 was published for org.keycloak:keycloak-services (Maven) Jun 11, 2024
Visual Studio Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-29060 was published Jun 11, 2024
An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically... High Unreviewed
CVE-2024-5126 was published Jun 6, 2024
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting... High Unreviewed
CVE-2024-5131 was published Jun 6, 2024
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed
CVE-2024-5128 was published Jun 6, 2024
In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a... Moderate Unreviewed
CVE-2024-3404 was published Jun 6, 2024
In lunary-ai/lunary version 1.2.5, an improper access control vulnerability exists due to a... Moderate Unreviewed
CVE-2024-5248 was published Jun 6, 2024
An improper access control vulnerability exists in lunary-ai/lunary versions up to and including... High Unreviewed
CVE-2024-3504 was published Jun 6, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability... Moderate Unreviewed
CVE-2024-5127 was published Jun 6, 2024
An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application,... High Unreviewed
CVE-2024-4520 was published Jun 4, 2024
Improper Access Control vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured... Unknown Unreviewed
CVE-2024-0336 was published Jun 3, 2024
Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers. High Unreviewed
CVE-2024-23360 was published Jun 3, 2024
In telephony, there is a possible information disclosure due to a missing permission check. This... Unknown Unreviewed
CVE-2024-20065 was published Jun 3, 2024
ProTip! Advisories are also available from the GraphQL API