GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 832
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
821 advisories
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7...
Severity: High. Unreviewed. CVE-2023-37491 was published Aug 8, 2023.

RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If...
Severity: High. Unreviewed. CVE-2024-47560 was published Oct 1, 2024.

Arbitrary file overwrite in OpenStack Nova
Severity: High. CVE-2012-3447 was published for nova (pip) May 17, 2022.

Base class whitelist configuration ignored in OAuthenticator
Severity: High. CVE-2020-26250 was published for oauthenticator (pip) Dec 1, 2020.

A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated...
Severity: High. Unreviewed. CVE-2023-2759 was published Jul 17, 2023.

Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows...
Severity: High. Unreviewed. CVE-2024-7108 was published Sep 26, 2024.

An authorization bypass vulnerability was discovered in GitLab affecting versions 11.3 prior to...
Severity: High. Unreviewed. CVE-2024-0199 was published Mar 7, 2024.

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12...
Severity: High. Unreviewed. CVE-2023-5106 was published Oct 2, 2023.

An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2...
Severity: High. Unreviewed. CVE-2023-4379 was published Nov 9, 2023.

An issue has been discovered in GitLab EE affecting all versions starting from 15.3 before 16.5.6...
Severity: High. Unreviewed. CVE-2023-4812 was published Jan 12, 2024.

An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including...
Severity: High. Unreviewed. CVE-2024-5130 was published Jun 6, 2024.

OpenStack Neutron vulnerable to hardware address impersonation
Severity: High. CVE-2021-38598 was published for neutron (pip) May 24, 2022.

Zoho ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a...
Severity: High. Unreviewed. CVE-2024-27312 was published May 20, 2024.

Windows Remote Desktop Security Feature Bypass Vulnerability
Severity: High. Unreviewed. CVE-2021-1669 was published May 24, 2022.

Paramiko Authentication Bypass vulnerability
Severity: High. CVE-2018-1000805 was published for paramiko (pip) Oct 10, 2018.

Pomerium service account access token may grant unintended access to databroker API
Severity: High. CVE-2024-47616 was published for github.com/pomerium/pomerium (Go) Oct 2, 2024.

An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9...
Severity: High. Unreviewed. CVE-2024-8970 was published Oct 11, 2024.

Plone and Zope2 vulnerable to unauthorized access to restricted attributes
Severity: High. CVE-2012-5489 was published for Plone (pip) Jul 23, 2018.

Magento Open Source Improper Authorization vulnerability
Severity: High. CVE-2024-45132 was published for magento/community-edition (Composer) Oct 10, 2024.

An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information...
Severity: High. Unreviewed. CVE-2024-48792 was published Oct 14, 2024.

Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface...
Severity: High. Unreviewed. CVE-2024-21275 was published Oct 15, 2024.

Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component:...
Severity: High. Unreviewed. CVE-2024-21276 was published Oct 15, 2024.

Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft ...
Severity: High. Unreviewed. CVE-2024-21283 was published Oct 15, 2024.

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component:...
Severity: High. Unreviewed. CVE-2024-21268 was published Oct 15, 2024.

Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services...
Severity: High. Unreviewed. CVE-2024-21285 was published Oct 15, 2024.
ProTip! Advisories are also available from the GraphQL API.