Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+

477 advisories

DedeCMS V5.7.114 is vulnerable to deletion of any file via mail_file_manage.php. Critical Unreviewed
CVE-2024-33749 was published May 6, 2024
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application... Moderate Unreviewed
CVE-2023-41819 was published May 3, 2024
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-44410 was published May 3, 2024
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-32168 was published May 3, 2024
An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute... Moderate Unreviewed
CVE-2024-32359 was published May 2, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight... High Unreviewed
CVE-2023-47166 was published May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating... High Unreviewed
CVE-2023-50363 was published Apr 26, 2024
Quarkus: authorization flaw in quarkus resteasy reactive and classic Moderate
CVE-2023-5675 was published for io.quarkus:quarkus-resteasy-reactive-common (Maven) Apr 25, 2024
bschuhmann
A race condition flaw was found in sssd where the GPO policy is not consistently applied for... High Unreviewed
CVE-2023-3758 was published Apr 18, 2024
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed... Moderate Unreviewed
CVE-2024-3840 was published Apr 17, 2024
OpenFGA Authorization Bypass High
CVE-2024-31452 was published for github.com/openfga/openfga (Go) Apr 16, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed
CVE-2024-1741 was published Apr 10, 2024
Azure Migrate Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-26193 was published Apr 9, 2024
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52539 was published Apr 8, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected... Moderate Unreviewed
CVE-2024-3434 was published Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline Low
CVE-2024-30260 was published for undici (npm) Apr 4, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Computer... Moderate Unreviewed
CVE-2024-3139 was published Apr 2, 2024
A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-3013 was published Mar 28, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest... High Unreviewed
CVE-2024-0077 was published Mar 28, 2024
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco... Moderate Unreviewed
CVE-2024-20333 was published Mar 27, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace High
CVE-2024-29033 was published for oauthenticator (pip) Mar 20, 2024
manics consideRatio
betatim
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as... Moderate Unreviewed
CVE-2024-2641 was published Mar 20, 2024
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-2557 was published Mar 17, 2024
An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0... Moderate Unreviewed
CVE-2024-21761 was published Mar 12, 2024
ProTip! Advisories are also available from the GraphQL API