GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
270 advisories
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as...
Moderate | Unreviewed | CVE-2024-2641 was published Mar 20, 2024

A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-2557 was published Mar 17, 2024

An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0...
Moderate | Unreviewed | CVE-2024-21761 was published Mar 12, 2024

A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as...
Moderate | Unreviewed | CVE-2024-2317 was published Mar 8, 2024

Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization...
Moderate | Unreviewed | CVE-2024-24900 was published Mar 1, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6...
Moderate | Unreviewed | CVE-2024-0861 was published Feb 22, 2024

SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an...
Moderate | Unreviewed | CVE-2024-21987 was published Feb 16, 2024

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with...
Moderate | Unreviewed | CVE-2023-43609 was published Feb 9, 2024

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3,...
Moderate | Unreviewed | CVE-2023-6564 was published Feb 8, 2024

Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could...
Moderate | Unreviewed | CVE-2024-23806 was published Feb 7, 2024

Certain configuration available in the communication channel for encoders could expose sensitive...
Moderate | Unreviewed | CVE-2024-22388 was published Feb 7, 2024

In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint...
Moderate | Unreviewed | CVE-2024-24936 was published Feb 6, 2024

An incorrect authorization vulnerability has been reported to affect several QNAP operating...
Moderate | Unreviewed | CVE-2023-32967 was published Feb 2, 2024

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate | Unreviewed | CVE-2024-0456 was published Jan 26, 2024

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this...
Moderate | Unreviewed | CVE-2022-4962 was published Jan 13, 2024

SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does...
Moderate | Unreviewed | CVE-2024-21736 was published Jan 9, 2024

An issue has been discovered in GitLab affecting all versions starting from 9.3 before 16.4.4,...
Moderate | Unreviewed | CVE-2023-5061 was published Dec 15, 2023

In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread...
Moderate | Unreviewed | CVE-2023-50871 was published Dec 15, 2023

Possible user mocking that bypasses basic authentication
Moderate | CVE-2023-48309 was published for next-auth (npm) Nov 20, 2023

Improper authorization in some Intel Battery Life Diagnostic Tool installation software before...
Moderate | Unreviewed | CVE-2023-32662 was published Nov 14, 2023

Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2...
Moderate | Unreviewed | CVE-2023-28378 was published Nov 14, 2023

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2...
Moderate | Unreviewed | CVE-2023-36633 was published Nov 14, 2023

Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes
Moderate | CVE-2023-47037 was published for apache-airflow (pip) Nov 12, 2023

PrestaShop blockreassurance BO User can remove any file from server when adding a and deleting a block
Moderate | CVE-2023-47109 was published for prestashop/blockreassurance (Composer) Nov 8, 2023

The Fancy Product Designer plugin for WordPress is vulnerable to unauthorized access to data and...
Moderate | Unreviewed | CVE-2021-4335 was published Oct 20, 2023

ProTip! Advisories are also available from the GraphQL API.