Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

764 advisories

Loading
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed
CVE-2024-21031 was published Apr 17, 2024
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed
CVE-2024-21026 was published Apr 17, 2024
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed
CVE-2024-21018 was published Apr 17, 2024
OpenFGA Authorization Bypass High
CVE-2024-31452 was published for github.com/openfga/openfga (Go) Apr 16, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed
CVE-2024-1741 was published Apr 10, 2024
Azure Migrate Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-26193 was published Apr 9, 2024
Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module.... High Unreviewed
CVE-2023-52359 was published Apr 8, 2024
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52539 was published Apr 8, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected... Moderate Unreviewed
CVE-2024-3434 was published Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline Low
CVE-2024-30260 was published for undici (npm) Apr 4, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Computer... Moderate Unreviewed
CVE-2024-3139 was published Apr 2, 2024
A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-3013 was published Mar 28, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest... High Unreviewed
CVE-2024-0077 was published Mar 28, 2024
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco... Moderate Unreviewed
CVE-2024-20333 was published Mar 27, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace High
CVE-2024-29033 was published for oauthenticator (pip) Mar 20, 2024
manics consideRatio
betatim
Credited to manics, consideRatio, and betatim
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as... Moderate Unreviewed
CVE-2024-2641 was published Mar 20, 2024
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-2557 was published Mar 17, 2024
An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0... Moderate Unreviewed
CVE-2024-21761 was published Mar 12, 2024
A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as... Moderate Unreviewed
CVE-2024-2317 was published Mar 8, 2024
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user High
CVE-2024-27916 was published for github.com/stacklok/minder (Go) Mar 5, 2024
dmjb
Credited to dmjb
Due to insufficient server-side validation, a successful exploit of this vulnerability could... High Unreviewed
CVE-2024-25063 was published Mar 2, 2024
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization... Moderate Unreviewed
CVE-2024-24900 was published Mar 1, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6... Moderate Unreviewed
CVE-2024-0861 was published Feb 22, 2024
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2024-20943 was published Feb 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database