GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,265 advisories

A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-9298 was published Sep 28, 2024

TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a...
High | Unreviewed | CVE-2024-46097 was published Sep 27, 2024

Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5...
High | Unreviewed | CVE-2023-43585 was published Dec 14, 2023

OpenStack Keystone Allows Remote User Account Creation
High | CVE-2012-3542 was published for keystone (pip) May 17, 2022

Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands...
Critical | Unreviewed | CVE-2024-46627 was published Sep 26, 2024

A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the...
High | Unreviewed | CVE-2024-45982 was published Sep 26, 2024

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2...
High | Unreviewed | CVE-2024-44860 was published Sep 26, 2024

An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute...
High | Unreviewed | CVE-2024-41605 was published Sep 26, 2024

Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9...
Critical | Unreviewed | CVE-2023-37759 was published Sep 8, 2023

An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in...
Critical | Unreviewed | CVE-2023-40039 was published Sep 11, 2023

netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the...
High | Unreviewed | CVE-2023-40850 was published Sep 13, 2023

Improper Access Control in novajoin
High | CVE-2019-10138 was published for novajoin (pip) Mar 12, 2020

Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to...
Moderate | Unreviewed | CVE-2024-42406 was published Sep 26, 2024

Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when...
Low | Unreviewed | CVE-2024-47145 was published Sep 26, 2024

A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on...
Moderate | Unreviewed | CVE-2024-20465 was published Sep 25, 2024

A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos...
High | Unreviewed | CVE-2024-2698 was published Jun 12, 2024

Permission control vulnerability in the audio module. Successful exploitation of this...
Moderate | Unreviewed | CVE-2023-41311 was published Sep 27, 2023

Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering...
High | Unreviewed | CVE-2024-46607 was published Sep 25, 2024

An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and...
High | Unreviewed | CVE-2024-46609 was published Sep 25, 2024

An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in...
Critical | Unreviewed | CVE-2024-42797 was published Sep 25, 2024

TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access...
Critical | Unreviewed | CVE-2023-43141 was published Sep 25, 2023

Improper Access Control in jupyterhub-firstuseauthenticator
Critical | CVE-2021-41194 was published for jupyterhub-firstuseauthenticator (pip) Oct 28, 2021

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services...
Moderate | Unreviewed | CVE-2022-21586 was published Jul 20, 2022

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component:...
Moderate | Unreviewed | CVE-2022-39405 was published Oct 19, 2022

ProTip! Advisories are also available from the GraphQL API.