GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
984 advisories
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify...
High | Unreviewed | CVE-2024-33027 was published Aug 5, 2024

An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in...
High | Unreviewed | CVE-2024-41518 was published Aug 2, 2024

Mattermost allows remote actor to create/update/delete posts in arbitrary channels
High | CVE-2024-41144 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 1, 2024

Studio 42 elFinder vulnerable to Incorrect Access Control
High | CVE-2024-38909 was published for studio-42/elfinder (Composer) Jul 30, 2024

Insecure permissions in kuma v2.7.0 allows attackers to access sensitive data and escalate...
High | Unreviewed | CVE-2024-36542 was published Jul 25, 2024

Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and...
High | Unreviewed | CVE-2024-36537 was published Jul 24, 2024

Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E...
High | Unreviewed | CVE-2024-21153 was published Jul 17, 2024

An issue was found in upload.php on the Ruijie EG-2000 series gateway. A parameter passed to the...
High | Unreviewed | CVE-2019-16640 was published Jul 16, 2024

The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is...
High | Unreviewed | CVE-2024-6737 was published Jul 15, 2024

BookStack Incorrect Access Control vulnerability
High | CVE-2024-36676 was published for ssddanbrown/bookstack (Composer) Jul 10, 2024

Windows File Explorer Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38100 was published Jul 9, 2024

DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-38061 was published Jul 9, 2024

An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 -...
High | Unreviewed | CVE-2024-23663 was published Jul 9, 2024

Directus incorrectly handles `_in` filter
High | CVE-2024-39701 was published for directus (npm) Jul 8, 2024

rejetto HFS vulnerable to OS Command Execution by remote authenticated users
High | CVE-2024-39943 was published for hfs (npm) Jul 5, 2024

Robotmk before 2.0.1 allows a local user to escalate privileges (e.g., to SYSTEM) if automated...
High | Unreviewed | CVE-2024-39934 was published Jul 4, 2024

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
High | Unreviewed | CVE-2024-36989 was published Jul 1, 2024

In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with...
High | Unreviewed | CVE-2024-5714 was published Jun 27, 2024

An issue in Safe Exam Browser for Windows before 3.6 allows an attacker to share clipboard data...
High | Unreviewed | CVE-2024-37742 was published Jun 26, 2024

Artery AT32F415CBT7 and AT32F421C8T7 devices have Incorrect Access Control.
High | Unreviewed | CVE-2024-21740 was published Jun 25, 2024

An issue in Shenzhen Weitillage Industrial Co., Ltd the access management specialist V6.62.51215...
High | Unreviewed | CVE-2024-37677 was published Jun 24, 2024

Northern.tech Mender 3.3.x before 3.3.2, 3.5.x before 3.5.0, and 3.6.x before 3.6.0 has Incorrect...
High | Unreviewed | CVE-2022-45929 was published Jun 20, 2024

A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 ...
High | Unreviewed | CVE-2022-23829 was published Jun 18, 2024

DLL Hijacking vulnerability has been found in CENTUM CAMS Log server provided by Yokogawa...
High | Unreviewed | CVE-2024-5650 was published Jun 17, 2024

ColdFusion versions 2023u7, 2021u13 and earlier are affected by an Improper Access Control...
High | Unreviewed | CVE-2024-34112 was published Jun 13, 2024
ProTip! Advisories are also available from the GraphQL API