Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

28,407 advisories

Loading
Magento Improper Authorization Leading to Security feature bypass Moderate
CVE-2024-39415 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Access Control Leads to Privilege escalation Moderate
CVE-2024-39414 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization leads to security feature bypass Moderate
CVE-2024-39411 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Access Control Leads to Privilege escalation Moderate
CVE-2024-39419 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization leads to Security feature bypass Moderate
CVE-2024-39417 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization leads to Security feature bypass Moderate
CVE-2024-39416 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2024-39410 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Improper Authorization vulnerability Moderate
CVE-2024-39412 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Path Traversal vulnerability Moderate
CVE-2024-39406 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2024-39409 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Cross-Site Request Forgery vulnerability Moderate
CVE-2024-39408 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization vulnerability Moderate
CVE-2024-39418 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization vulnerability Moderate
CVE-2024-39413 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization vulnerability Moderate
CVE-2024-39407 was published for magento/community-edition (Composer) Aug 14, 2024
Magento DOM-based Cross-Site Scripting (XSS) vulnerability High
CVE-2024-39400 was published for magento/community-edition (Composer) Aug 14, 2024
Magento OS Command ('OS Command Injection') vulnerability High
CVE-2024-39402 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization vulnerability Moderate
CVE-2024-39405 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Improper Authorization vulnerability Moderate
CVE-2024-39404 was published for magento/community-edition (Composer) Aug 14, 2024
Magento does not properly restrict excessive authentication attempts High
CVE-2024-39398 was published for magento/community-edition (Composer) Aug 14, 2024
Magento OS Command ('OS Command Injection') vulnerability High
CVE-2024-39401 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Stored Cross-Site Scripting (XSS) vulnerability High
CVE-2024-39403 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Path Traversal vulnerability High
CVE-2024-39399 was published for magento/community-edition (Composer) Aug 14, 2024
Command Injection in sequenceserver Critical
CVE-2024-42360 was published for sequenceserver (RubyGems) Aug 13, 2024
drpowell Credited to drpowell and tadast tadast tadast
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability High
CVE-2024-38168 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 13, 2024
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability Moderate
CVE-2024-38167 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database