Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

272 advisories

Loading
SAP PowerDesigner - version 16.7, has improper access control which might allow an... Critical Unreviewed
CVE-2023-37483 was published Aug 8, 2023
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands... Critical Unreviewed
CVE-2024-46627 was published Sep 26, 2024
Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9... Critical Unreviewed
CVE-2023-37759 was published Sep 8, 2023
An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in... Critical Unreviewed
CVE-2023-40039 was published Sep 11, 2023
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in... Critical Unreviewed
CVE-2024-42797 was published Sep 25, 2024
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access... Critical Unreviewed
CVE-2023-43141 was published Sep 25, 2023
Improper Access Control in jupyterhub-firstuseauthenticator Critical
CVE-2021-41194 was published for jupyterhub-firstuseauthenticator (pip) Oct 28, 2021
georgejhunt
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed
CVE-2024-5128 was published Jun 6, 2024
Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run... Critical Unreviewed
CVE-2024-45489 was published Sep 20, 2024
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties... Critical Unreviewed
CVE-2024-46937 was published Sep 16, 2024
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or... Critical Unreviewed
CVE-2023-5365 was published Oct 9, 2023
Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this... Critical Unreviewed
CVE-2023-44118 was published Oct 11, 2023
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed
CVE-2024-39376 was published Jun 27, 2024
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also... Critical Unreviewed
CVE-2023-43119 was published Oct 16, 2023
SaToken privilege escalation vulnerability Critical
CVE-2023-44794 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are... Critical Unreviewed
CVE-2023-41721 was published Oct 25, 2023
Azure Stack Hub Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38220 was published Sep 10, 2024
Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality,... Critical Unreviewed
CVE-2024-8584 was published Sep 9, 2024
An improper access control vulnerability has been identified in the SonicWall SonicOS management... Critical Unreviewed
CVE-2024-40766 was published Aug 23, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via... Critical Unreviewed
CVE-2024-42919 was published Aug 20, 2024
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42967 was published Aug 15, 2024
An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a... Critical Unreviewed
CVE-2023-46501 was published Nov 7, 2023
In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access... Critical Unreviewed
CVE-2024-45509 was published Sep 2, 2024
Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device... Critical Unreviewed
CVE-2022-46025 was published Jan 10, 2024
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting... Critical Unreviewed
CVE-2024-45522 was published Sep 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database