Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,000 advisories

Loading
Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a... High Unreviewed
CVE-2024-38204 was published Oct 16, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... High Unreviewed
CVE-2023-25777 was published Oct 10, 2024
Magento Open Source Improper Access Control vulnerability High
CVE-2024-45118 was published for magento/community-edition (Composer) Oct 10, 2024
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart... High Unreviewed
CVE-2024-46539 was published Oct 8, 2024
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43590 was published Oct 8, 2024
Microsoft SharePoint Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43503 was published Oct 8, 2024
Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user... High Unreviewed
CVE-2024-9576 was published Oct 7, 2024
An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A... High Unreviewed
CVE-2024-47910 was published Oct 4, 2024
PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service... High Unreviewed
CVE-2024-46280 was published Sep 30, 2024
TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a... High Unreviewed
CVE-2024-46097 was published Sep 27, 2024
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2... High Unreviewed
CVE-2024-44860 was published Sep 26, 2024
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the... High Unreviewed
CVE-2024-45982 was published Sep 26, 2024
An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute... High Unreviewed
CVE-2024-41605 was published Sep 26, 2024
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and... High Unreviewed
CVE-2024-46609 was published Sep 25, 2024
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering... High Unreviewed
CVE-2024-46607 was published Sep 25, 2024
Microsoft Office Visio Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38016 was published Sep 19, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process High
CVE-2022-25768 was published for mautic/core (Composer) Sep 18, 2024
mollux escopecz
patrykgruszka
Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user... High Unreviewed
CVE-2023-43626 was published Sep 16, 2024
OMFLOW from The SYSCOM Group does not properly restrict access to the system settings... High Unreviewed
CVE-2024-8779 was published Sep 16, 2024
Lunary improper access control vulnerability High
CVE-2024-6087 was published for lunary (npm) Sep 13, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-8269 was published Sep 13, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService... High Unreviewed
CVE-2024-44571 was published Sep 11, 2024
Microsoft Power Automate Desktop Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43479 was published Sep 10, 2024
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43492 was published Sep 10, 2024
Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15... High Unreviewed
CVE-2024-44667 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database