Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

244 advisories

Loading
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed
CVE-2024-3777 was published Apr 15, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed
CVE-2024-45519 was published Oct 3, 2024
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and... Critical Unreviewed
CVE-2016-3427 was published May 13, 2022
TaskCafe 0.3.2 lacks validation in the Cookie value. Any unauthenticated attacker who knows a... Critical Unreviewed
CVE-2023-26770 was published Oct 4, 2024
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4... Critical Unreviewed
CVE-2024-42514 was published Oct 1, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.2... Critical Unreviewed
CVE-2023-5009 was published Sep 19, 2023
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
SAP PowerDesigner - version 16.7, has improper access control which might allow an... Critical Unreviewed
CVE-2023-37483 was published Aug 8, 2023
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands... Critical Unreviewed
CVE-2024-46627 was published Sep 26, 2024
Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9... Critical Unreviewed
CVE-2023-37759 was published Sep 8, 2023
An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in... Critical Unreviewed
CVE-2023-40039 was published Sep 11, 2023
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in... Critical Unreviewed
CVE-2024-42797 was published Sep 25, 2024
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access... Critical Unreviewed
CVE-2023-43141 was published Sep 25, 2023
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed
CVE-2024-5128 was published Jun 6, 2024
Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run... Critical Unreviewed
CVE-2024-45489 was published Sep 20, 2024
An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties... Critical Unreviewed
CVE-2024-46937 was published Sep 16, 2024
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or... Critical Unreviewed
CVE-2023-5365 was published Oct 9, 2023
Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of this... Critical Unreviewed
CVE-2023-44118 was published Oct 11, 2023
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also... Critical Unreviewed
CVE-2023-43119 was published Oct 16, 2023
TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed
CVE-2024-39376 was published Jun 27, 2024
Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are... Critical Unreviewed
CVE-2023-41721 was published Oct 25, 2023
Azure Stack Hub Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38220 was published Sep 10, 2024
Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality,... Critical Unreviewed
CVE-2024-8584 was published Sep 9, 2024
An improper access control vulnerability has been identified in the SonicWall SonicOS management... Critical Unreviewed
CVE-2024-40766 was published Aug 23, 2024
eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via... Critical Unreviewed
CVE-2024-42919 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database