GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,000 advisories
Filter by severity
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to...
High
Unreviewed
CVE-2023-5207
was published
Sep 30, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2...
High
Unreviewed
CVE-2023-4379
was published
Nov 9, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.5.6...
High
Unreviewed
CVE-2023-4812
was published
Jan 12, 2024
An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12...
High
Unreviewed
CVE-2023-5106
was published
Oct 2, 2023
An authorization bypass vulnerability was discovered in GitLab affecting versions 15.1 prior to...
High
Unreviewed
CVE-2024-0410
was published
Feb 22, 2024
An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to...
High
Unreviewed
CVE-2024-0199
was published
Mar 7, 2024
MoinMoin Improper Access Control vulnerability
High
CVE-2009-4762
was published
for
moin
(pip)
May 2, 2022
PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service...
High
Unreviewed
CVE-2024-46280
was published
Sep 30, 2024
Mercurial vulnerable to arbitrary code execution when converting Git repos
High
CVE-2016-3105
was published
for
mercurial
(pip)
May 17, 2022
A broken access control vulnerability in the KillDupUsr_func function of spx_restservice allows...
High
Unreviewed
CVE-2021-44467
was published
Oct 24, 2022
In SAP Commerce Cloud - versions HY_COM 1905, HY_COM 2005, HY_COM2105, HY_COM 2011, HY_COM 2205,...
High
Unreviewed
CVE-2023-42481
was published
Dec 12, 2023
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions...
High
Unreviewed
CVE-2023-35870
was published
Jul 11, 2023
TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a...
High
Unreviewed
CVE-2024-46097
was published
Sep 27, 2024
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5...
High
Unreviewed
CVE-2023-43585
was published
Dec 14, 2023
OpenStack Keystone Allows Remote User Account Creation
High
CVE-2012-3542
was published
for
keystone
(pip)
May 17, 2022
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the...
High
Unreviewed
CVE-2024-45982
was published
Sep 26, 2024
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2...
High
Unreviewed
CVE-2024-44860
was published
Sep 26, 2024
An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute...
High
Unreviewed
CVE-2024-41605
was published
Sep 26, 2024
netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the...
High
Unreviewed
CVE-2023-40850
was published
Sep 13, 2023
Improper Access Control in novajoin
High
CVE-2019-10138
was published
for
novajoin
(pip)
Mar 12, 2020
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos...
High
Unreviewed
CVE-2024-2698
was published
Jun 12, 2024
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and...
High
Unreviewed
CVE-2024-46609
was published
Sep 25, 2024
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering...
High
Unreviewed
CVE-2024-46607
was published
Sep 25, 2024
Vulnerability in the Oracle Sales for Handhelds product of Oracle E-Business Suite (component:...
High
Unreviewed
CVE-2023-21855
was published
Jan 18, 2023
Vulnerability in the PeopleSoft Enterprise Common Components product of Oracle PeopleSoft ...
High
Unreviewed
CVE-2022-39406
was published
Oct 19, 2022
ProTip!
Advisories are also available from the
GraphQL API