GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,936
Composer 4,051
Erlang 29
GitHub Actions 19
Go 1,880
Maven 5,072
npm 3,602
NuGet 638
pip 3,204
Pub 10
RubyGems 852
Rust 815
Swift 35

Unreviewed advisories

All unreviewed 227,174

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,166 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper or... High Unreviewed

CVE-2024-45170 was published Sep 4, 2024

Insufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow... High Unreviewed

CVE-2023-49233 was published Sep 3, 2024

Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting... Critical Unreviewed

CVE-2024-45522 was published Sep 2, 2024

In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access... Critical Unreviewed

CVE-2024-45509 was published Sep 2, 2024

Powermail TYPO3 extension Broken Access Control in the OutputController Moderate

CVE-2024-45233 was published for in2code/powermail (Composer) Aug 29, 2024

An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an... Moderate Unreviewed

CVE-2024-44913 was published Aug 28, 2024

An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an... Moderate Unreviewed

CVE-2024-44914 was published Aug 28, 2024

An issue in the component EXR!ReadEXR+0x4eef0 of Irfanview v4.67.1.0 allows attackers to cause an... Moderate Unreviewed

CVE-2024-44915 was published Aug 28, 2024

A vulnerability in the restricted security domain implementation of Cisco Application Policy... Moderate Unreviewed

CVE-2024-20279 was published Aug 28, 2024

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode... Moderate Unreviewed

CVE-2024-8216 was published Aug 27, 2024

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a... Moderate Unreviewed

CVE-2024-5814 was published Aug 27, 2024

An incorrect access control vulnerability in Rubrik CDM versions prior to 9.1.2-p1, 9.0.3-p6 and... High Unreviewed

CVE-2024-36068 was published Aug 27, 2024

The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an... Critical Unreviewed

CVE-2024-7954 was published Aug 23, 2024

Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via ... Moderate Unreviewed

CVE-2024-42766 was published Aug 23, 2024

An improper access control vulnerability has been identified in the SonicWall SonicOS management... Unknown Unreviewed

CVE-2024-40766 was published Aug 23, 2024

Improper access control in Decentralized Identity Services allows an unathenticated attacker to... High Unreviewed

CVE-2024-43477 was published Aug 23, 2024

An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel... High Unreviewed

CVE-2024-42772 was published Aug 22, 2024

Mattermost allows user with systems manager role with read-only access to teams to perform write operations on teams Moderate

CVE-2024-42497 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024

Mattermost allows guest user with read access to upload files to a channel Moderate

CVE-2024-43780 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024

An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in... Critical Unreviewed

CVE-2024-42775 was published Aug 22, 2024

Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users... High Unreviewed

CVE-2024-42776 was published Aug 22, 2024

Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP... Moderate Unreviewed

CVE-2024-36441 was published Aug 22, 2024

Mattermost allows team admin user without "Add Team Members" permission to disable invite URL Low

CVE-2024-40884 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6... Moderate Unreviewed

CVE-2024-3127 was published Aug 22, 2024

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole... High Unreviewed

CVE-2024-36443 was published Aug 22, 2024

Previous 1 2 3 4 5 … 86 87 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,166 advisories