GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
65 advisories
Filter by severity
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is...
Moderate
Unreviewed
CVE-2024-11049
was published
Nov 10, 2024
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate
Unreviewed
CVE-2024-0456
was published
Jan 26, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6...
Moderate
Unreviewed
CVE-2024-0861
was published
Feb 22, 2024
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5,...
Moderate
Unreviewed
CVE-2023-4018
was published
Sep 1, 2023
The organization selector in Liferay Portal 7.4.3.81 through 7.4.3.85, and Liferay DXP 7.4 update...
Moderate
Unreviewed
CVE-2023-3426
was published
Aug 2, 2023
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web...
Moderate
Unreviewed
CVE-2023-45598
was published
Mar 5, 2024
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the...
Moderate
Unreviewed
CVE-2023-45596
was published
Mar 5, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7753
was published
Aug 14, 2024
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Moderate
Unreviewed
CVE-2023-44320
was published
Nov 14, 2023
An improper authentication vulnerability affecting Vonets
industrial wifi bridge relays...
Moderate
Unreviewed
CVE-2024-42001
was published
Aug 12, 2024
A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
Moderate
Unreviewed
CVE-2024-6414
was published
Jun 30, 2024
A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719....
Moderate
Unreviewed
CVE-2024-7153
was published
Jul 28, 2024
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2024-7080
was published
Jul 24, 2024
A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic....
Moderate
Unreviewed
CVE-2024-6188
was published
Jun 20, 2024
Silverstripe Missing security check on dev/build/defaults
Moderate
GHSA-x5w2-wcr8-9q45
was published
for
silverstripe/framework
(Composer)
May 23, 2024
Silverstripe Forum Module CSRF Vulnerability
Moderate
GHSA-w8fq-xgvh-cxc2
was published
for
silverstripe/forum
(Composer)
May 23, 2024
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230809. It...
Moderate
Unreviewed
CVE-2023-4544
was published
Aug 26, 2023
Mautic uses predictable page indices for unpublished landing pages, their content can be accessed...
Moderate
Unreviewed
CVE-2024-2730
was published
Apr 10, 2024
The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that...
Moderate
Unreviewed
CVE-2023-4800
was published
Oct 16, 2023
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a...
Moderate
Unreviewed
CVE-2015-1313
was published
Jun 29, 2023
The Contour Service was not checking that users had permission to create an analysis for a given...
Moderate
Unreviewed
CVE-2023-22834
was published
Jun 27, 2023
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated...
Moderate
Unreviewed
CVE-2019-17503
was published
May 24, 2022
A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the...
Moderate
Unreviewed
CVE-2019-1220
was published
May 24, 2022
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a...
Moderate
Unreviewed
CVE-2019-13981
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API