Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

537 advisories

Loading
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-32168 was published May 3, 2024
An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute... Moderate Unreviewed
CVE-2024-32359 was published May 2, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight... High Unreviewed
CVE-2023-47166 was published May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating... High Unreviewed
CVE-2023-50363 was published Apr 26, 2024
Quarkus: authorization flaw in quarkus resteasy reactive and classic Moderate
CVE-2023-5675 was published for io.quarkus:quarkus-resteasy-reactive-common (Maven) Apr 25, 2024
bschuhmann
A race condition flaw was found in sssd where the GPO policy is not consistently applied for... High Unreviewed
CVE-2023-3758 was published Apr 18, 2024
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed... Moderate Unreviewed
CVE-2024-3840 was published Apr 17, 2024
OpenFGA Authorization Bypass High
CVE-2024-31452 was published for github.com/openfga/openfga (Go) Apr 16, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members... Critical Unreviewed
CVE-2024-1741 was published Apr 10, 2024
Azure Migrate Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-26193 was published Apr 9, 2024
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52539 was published Apr 8, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected... Moderate Unreviewed
CVE-2024-3434 was published Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline Low
CVE-2024-30260 was published for undici (npm) Apr 4, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Computer... Moderate Unreviewed
CVE-2024-3139 was published Apr 2, 2024
A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-3013 was published Mar 28, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest... High Unreviewed
CVE-2024-0077 was published Mar 28, 2024
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco... Moderate Unreviewed
CVE-2024-20333 was published Mar 27, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace High
CVE-2024-29033 was published for oauthenticator (pip) Mar 20, 2024
manics consideRatio
betatim
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as... Moderate Unreviewed
CVE-2024-2641 was published Mar 20, 2024
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-2557 was published Mar 17, 2024
An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0... Moderate Unreviewed
CVE-2024-21761 was published Mar 12, 2024
A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as... Moderate Unreviewed
CVE-2024-2317 was published Mar 8, 2024
`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user High
CVE-2024-27916 was published for github.com/stacklok/minder (Go) Mar 5, 2024
dmjb
Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization... Moderate Unreviewed
CVE-2024-24900 was published Mar 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database