Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,361 advisories

Loading
EBM Technologies RISWEB's specific URL path is not properly controlled by permission, allowing... Moderate Unreviewed
CVE-2024-26263 was published Feb 15, 2024
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed
CVE-2024-3777 was published Apr 15, 2024
The disabling function of the user registration page for Heimavista Rpage and Epage is not... Moderate Unreviewed
CVE-2024-2412 was published Mar 13, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45130 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45121 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability High
CVE-2024-45118 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45122 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45129 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45124 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Information Exposure vulnerability Moderate
CVE-2024-45133 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45135 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Low
CVE-2024-45149 was published for magento/community-edition (Composer) Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Low Unreviewed
CVE-2023-27303 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Low Unreviewed
CVE-2023-26596 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Moderate Unreviewed
CVE-2023-27301 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Moderate Unreviewed
CVE-2023-24481 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... High Unreviewed
CVE-2023-25777 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Moderate Unreviewed
CVE-2023-22848 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Moderate Unreviewed
CVE-2023-26585 was published Oct 10, 2024
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information... Unknown Unreviewed
CVE-2024-2759 was published Apr 4, 2024
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) ... Moderate Unreviewed
CVE-2024-1605 was published Mar 18, 2024
Keycloak's admin API allows low privilege users to use administrative functions High
CVE-2024-3656 was published for org.keycloak:keycloak-services (Maven) Jun 11, 2024
Vulnerable juju hook tool abstract UNIX domain socket Moderate
CVE-2024-8037 was published for github.com/juju/juju (Go) Oct 3, 2024
hpidcock phvalguima
PowerJob incorrect access control vulnerability High
CVE-2023-36106 was published for tech.powerjob:powerjob (Maven) Aug 17, 2023
In lunary-ai/lunary versions 1.2.2 through 1.2.25, an improper access control vulnerability... Moderate Unreviewed
CVE-2024-5127 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database