GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
764 advisories
SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an...
Moderate, Unreviewed. CVE-2024-21987 was published Feb 16, 2024.

Microsoft Outlook Elevation of Privilege Vulnerability
High, Unreviewed. CVE-2024-21402 was published Feb 13, 2024.

Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions
Critical. CVE-2024-25108 was published for pixelfed/pixelfed (Composer) Feb 12, 2024.

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with...
Moderate, Unreviewed. CVE-2023-43609 was published Feb 9, 2024.

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3,...
Moderate, Unreviewed. CVE-2023-6564 was published Feb 8, 2024.

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could...
Moderate, Unreviewed. CVE-2024-23806 was published Feb 7, 2024.

Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role...
Moderate, Unreviewed. CVE-2024-22021 was published Feb 7, 2024.

Certain configuration available in the communication channel for encoders could expose sensitive...
Moderate, Unreviewed. CVE-2024-22388 was published Feb 7, 2024.

In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint...
Moderate, Unreviewed. CVE-2024-24936 was published Feb 6, 2024.

An incorrect authorization vulnerability has been reported to affect several QNAP operating...
Moderate, Unreviewed. CVE-2023-32967 was published Feb 2, 2024.

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate, Unreviewed. CVE-2024-0456 was published Jan 26, 2024.

IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions...
High, Unreviewed. CVE-2023-40683 was published Jan 19, 2024.

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). ...
Moderate, Unreviewed. CVE-2024-20979 was published Jan 17, 2024.

EverShop vulnerable to improper authorization in GraphQL endpoints
High. CVE-2023-46942 was published for @evershop/evershop (npm) Jan 13, 2024.

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this...
Moderate, Unreviewed. CVE-2022-4962 was published Jan 13, 2024.

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app...
Moderate, Unreviewed. CVE-2023-40430 was published Jan 11, 2024.

The vulnerability allows an authenticated remote attacker to perform actions exceeding their...
High, Unreviewed. CVE-2023-48252 was published Jan 10, 2024.

SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107,...
High, Unreviewed. CVE-2024-21735 was published Jan 9, 2024.

SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does...
Moderate, Unreviewed. CVE-2024-21736 was published Jan 9, 2024.

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4,...
Moderate, Unreviewed. CVE-2023-5061 was published Dec 15, 2023.

In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread...
Moderate, Unreviewed. CVE-2023-50871 was published Dec 15, 2023.

An improper authorization vulnerability [CWE-285] in Fortinet FortiADC version 7.4.0 and before 7...
High, Unreviewed. CVE-2023-41673 was published Dec 13, 2023.

SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through...
High, Unreviewed. CVE-2023-6538 was published Dec 11, 2023.

Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows...
High, Unreviewed. CVE-2023-5808 was published Dec 5, 2023.

Possible user mocking that bypasses basic authentication
Moderate. CVE-2023-48309 was published for next-auth (npm) Nov 20, 2023.