GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
498 advisories
Filter by severity
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39415
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39417
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39407
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39413
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39418
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39411
was published
Aug 14, 2024
Magento Open Source Improper Authorization vulnerability
Moderate
CVE-2024-39412
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39416
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39419
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39405
was published
Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
Moderate
Unreviewed
CVE-2024-39404
was published
Aug 14, 2024
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a...
Moderate
Unreviewed
CVE-2024-6384
was published
Aug 13, 2024
OpenFGA Authorization Bypass
High
CVE-2024-42473
was published
for
github.com/openfga/openfga
(Go)
Aug 9, 2024
Jenkins does not perform a permission check in an HTTP endpoint
Moderate
CVE-2024-43045
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Aug 7, 2024
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified...
Moderate
Unreviewed
CVE-2024-7578
was published
Aug 7, 2024
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an...
Critical
Unreviewed
CVE-2024-36130
was published
Aug 7, 2024
Bostr Improper Authorization vulnerability
Moderate
CVE-2024-41962
was published
for
bostr
(npm)
Aug 2, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in...
High
Unreviewed
CVE-2024-40814
was published
Jul 30, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed...
High
Unreviewed
CVE-2024-40783
was published
Jul 30, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported...
Moderate
Unreviewed
CVE-2024-21166
was published
Jul 17, 2024
OpenSearch Observability does not properly restrict access to private tenant resources
Moderate
CVE-2024-39901
was published
for
org.opensearch.plugin:opensearch-observability
(Maven)
Jul 10, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-30061
was published
Jul 9, 2024
In SAP Commerce, a user can misuse the forgotten
password functionality to gain access to a...
High
Unreviewed
CVE-2024-39597
was published
Jul 9, 2024
A command for refining a collection shard key is missing an authorization check. This may cause...
Moderate
Unreviewed
CVE-2024-6375
was published
Jul 1, 2024
IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do...
Moderate
Unreviewed
CVE-2023-35022
was published
Jun 30, 2024
ProTip!
Advisories are also available from the
GraphQL API