Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

276 advisories

Loading
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-29990 was published Apr 9, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without... Critical Unreviewed
CVE-2024-31815 was published Apr 8, 2024
Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface... Critical Unreviewed
CVE-2024-27602 was published Apr 2, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can... Critical Unreviewed
CVE-2024-25735 was published Mar 27, 2024
Datalust Seq before 2023.4.11151 and 2024 before 2024.1.11146 has Incorrect Access Control... Critical Unreviewed
CVE-2024-29866 was published Mar 21, 2024
An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1... Critical Unreviewed
CVE-2020-26942 was published Mar 21, 2024
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in... Critical Unreviewed
CVE-2021-47155 was published Mar 18, 2024
Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has... Critical Unreviewed
CVE-2022-47036 was published Mar 18, 2024
An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a... Critical Unreviewed
CVE-2024-28390 was published Mar 14, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The... Critical Unreviewed
CVE-2022-32257 was published Mar 12, 2024
An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows... Critical Unreviewed
CVE-2023-51786 was published Mar 7, 2024
Incorrect access control in Book Store Management System v1 allows attackers to access... Critical Unreviewed
CVE-2023-49543 was published Mar 2, 2024
A remote attacker may be able to bypass access control of Commend WS203VICM by creating a... Critical Unreviewed
CVE-2024-21767 was published Mar 1, 2024
An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL calls to /diag/eval are not... Critical Unreviewed
CVE-2023-49931 was published Feb 29, 2024
An issue was discovered in RWS WorldServer before 11.7.3. Regular users can create users with the... Critical Unreviewed
CVE-2022-34270 was published Feb 29, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2023-42945 was published Feb 21, 2024
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set... Critical Unreviewed
CVE-2024-24300 was published Feb 15, 2024
Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-21376 was published Feb 13, 2024
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21401 was published Feb 13, 2024
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21364 was published Feb 13, 2024
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the... Critical Unreviewed
CVE-2024-24496 was published Feb 8, 2024
Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This... Critical Unreviewed
CVE-2024-0642 was published Jan 17, 2024
@clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR) Critical
CVE-2024-22206 was published for @clerk/nextjs (npm) Jan 12, 2024
nikosdouvlis SokratisVidros
colinclerk agis braden-clerk BRKalow
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16... Critical Unreviewed
CVE-2023-7028 was published Jan 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database