GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
763 advisories
Filter by severity
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified...
Moderate
Unreviewed
CVE-2024-9321
was published
Sep 29, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9298
was published
Sep 28, 2024
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to...
Moderate
Unreviewed
CVE-2024-42406
was published
Sep 26, 2024
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on...
Moderate
Unreviewed
CVE-2024-20465
was published
Sep 25, 2024
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic...
Moderate
Unreviewed
CVE-2024-9003
was published
Sep 19, 2024
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15...
Moderate
Unreviewed
CVE-2024-40825
was published
Sep 17, 2024
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax...
Moderate
Unreviewed
CVE-2024-42794
was published
Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in...
Moderate
Unreviewed
CVE-2024-42796
was published
Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music...
Moderate
Unreviewed
CVE-2024-42795
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an...
Moderate
Unreviewed
CVE-2024-34543
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Moderate
Unreviewed
CVE-2024-36247
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an...
Moderate
Unreviewed
CVE-2024-32940
was published
Sep 16, 2024
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2024-20343
was published
Sep 11, 2024
An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6...
Moderate
Unreviewed
CVE-2024-45323
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37993
was published
Sep 10, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control...
Moderate
Unreviewed
CVE-2024-39580
was published
Sep 10, 2024
A vulnerability has been identified in Node.js version 20, affecting users of the experimental...
Moderate
Unreviewed
CVE-2023-30582
was published
Sep 7, 2024
An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an...
Moderate
Unreviewed
CVE-2024-44913
was published
Aug 28, 2024
An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an...
Moderate
Unreviewed
CVE-2024-44914
was published
Aug 28, 2024
An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an...
Moderate
Unreviewed
CVE-2024-44915
was published
Aug 28, 2024
A vulnerability in the restricted security domain implementation of Cisco Application Policy...
Moderate
Unreviewed
CVE-2024-20279
was published
Aug 28, 2024
A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode...
Moderate
Unreviewed
CVE-2024-8216
was published
Aug 27, 2024
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a...
Moderate
Unreviewed
CVE-2024-5814
was published
Aug 27, 2024
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via ...
Moderate
Unreviewed
CVE-2024-42766
was published
Aug 23, 2024
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP...
Moderate
Unreviewed
CVE-2024-36441
was published
Aug 22, 2024
ProTip!
Advisories are also available from the
GraphQL API