GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,678
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,307 advisories
Filter by severity
Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via ...
Moderate
Unreviewed
CVE-2024-42766
was published
Aug 23, 2024
An improper access control vulnerability has been identified in the SonicWall SonicOS management...
Critical
Unreviewed
CVE-2024-40766
was published
Aug 23, 2024
Improper access control in Decentralized Identity Services allows an unathenticated attacker to...
High
Unreviewed
CVE-2024-43477
was published
Aug 23, 2024
An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel...
High
Unreviewed
CVE-2024-42772
was published
Aug 22, 2024
An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in...
Critical
Unreviewed
CVE-2024-42775
was published
Aug 22, 2024
Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users...
High
Unreviewed
CVE-2024-42776
was published
Aug 22, 2024
Mattermost allows guest user with read access to upload files to a channel
Moderate
CVE-2024-43780
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
Mattermost allows user with systems manager role with read-only access to teams to perform write operations on teams
Moderate
CVE-2024-42497
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP...
Moderate
Unreviewed
CVE-2024-36441
was published
Aug 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6...
Moderate
Unreviewed
CVE-2024-3127
was published
Aug 22, 2024
Mattermost allows team admin user without "Add Team Members" permission to disable invite URL
Low
CVE-2024-40884
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole...
High
Unreviewed
CVE-2024-36443
was published
Aug 22, 2024
Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to enforce proper access controls which...
Moderate
Unreviewed
CVE-2024-43813
was published
Aug 22, 2024
Mattermost doesn't restrict which roles can promote a user as system admin
Moderate
CVE-2024-8071
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
Mattermost doesn't redact remote users' original email addresses
Moderate
CVE-2024-32939
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra...
Critical
Unreviewed
CVE-2024-38175
was published
Aug 20, 2024
Ghost's improper authentication allows access to member information and actions
Moderate
CVE-2024-43409
was published
for
@tryghost/portal
(npm)
Aug 20, 2024
apollo-portal has potential unauthorized access issue
Moderate
CVE-2024-43397
was published
for
com.ctrip.framework.apollo:apollo
(Maven)
Aug 20, 2024
Umbraco CMS Improper Access Control vulnerability
Moderate
CVE-2024-43377
was published
for
Umbraco.Cms
(NuGet)
Aug 20, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via...
Critical
Unreviewed
CVE-2024-42919
was published
Aug 20, 2024
Improper Access Controls allows backend users to overwrite their username when disallowed.
High
Unreviewed
CVE-2024-27187
was published
Aug 20, 2024
An issue in the login component (process_login.php) of Hotel Management System commit 79d688...
Critical
Unreviewed
CVE-2024-42559
was published
Aug 20, 2024
A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016...
Moderate
Unreviewed
CVE-2024-7921
was published
Aug 19, 2024
A vulnerability, which was classified as critical, has been found in Anhui Deshun Intelligent...
Moderate
Unreviewed
CVE-2024-7919
was published
Aug 19, 2024
ProTip!
Advisories are also available from the
GraphQL API