GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,950 advisories
Filter by severity
In lunary-ai/lunary version 1.2.5, an improper access control vulnerability exists due to a...
Moderate
Unreviewed
CVE-2024-5248
was published
Jun 6, 2024
Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may...
High
Unreviewed
CVE-2022-29871
was published
Aug 11, 2023
In Dell SupportAssist for Home PCs (between v3.0 and v3.14.1) and SupportAssist for Business PCs...
High
Unreviewed
CVE-2023-44283
was published
Oct 17, 2024
Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows...
Moderate
Unreviewed
CVE-2023-28714
was published
Aug 11, 2023
Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote...
Moderate
Unreviewed
CVE-2018-8922
was published
May 13, 2022
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization...
Moderate
Unreviewed
CVE-2020-36831
was published
Oct 16, 2024
The Facebook Chat Plugin for WordPress is vulnerable to authorization bypass due to a missing...
High
Unreviewed
CVE-2020-36838
was published
Oct 16, 2024
Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a...
High
Unreviewed
CVE-2024-38204
was published
Oct 16, 2024
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk...
Moderate
Unreviewed
CVE-2024-45735
was published
Oct 14, 2024
In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold...
Moderate
Unreviewed
CVE-2024-45734
was published
Oct 14, 2024
The disabling function of the user registration page for Heimavista Rpage and Epage is not...
Moderate
Unreviewed
CVE-2024-2412
was published
Mar 13, 2024
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated...
Critical
Unreviewed
CVE-2024-3777
was published
Apr 15, 2024
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing...
Moderate
Unreviewed
CVE-2024-26263
was published
Feb 15, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Moderate
Unreviewed
CVE-2023-24481
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Moderate
Unreviewed
CVE-2023-27301
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Low
Unreviewed
CVE-2023-26596
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
High
Unreviewed
CVE-2023-25777
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Low
Unreviewed
CVE-2023-27303
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Moderate
Unreviewed
CVE-2023-22848
was published
Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version...
Moderate
Unreviewed
CVE-2023-26585
was published
Oct 10, 2024
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) ...
Moderate
Unreviewed
CVE-2024-1605
was published
Mar 18, 2024
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information...
Unknown
Unreviewed
CVE-2024-2759
was published
Apr 4, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0...
Critical
Unreviewed
CVE-2024-45519
was published
Oct 3, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability...
Moderate
Unreviewed
CVE-2024-5127
was published
Jun 6, 2024
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart...
High
Unreviewed
CVE-2024-46539
was published
Oct 8, 2024
ProTip!
Advisories are also available from the
GraphQL API