GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,055 advisories
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services
Low | CVE-2024-39324 was published for aimeos/ai-admin-graphql (Composer) | Jul 2, 2024

Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions
Moderate | CVE-2022-36109 was published for github.com/docker/docker (Go) | Sep 16, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
Moderate | Unreviewed | CVE-2022-32259 was published | Jun 15, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
Moderate | Unreviewed | CVE-2022-32255 was published | Jun 15, 2022

** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07...
Critical | Unreviewed | CVE-2023-36091 was published | Jul 31, 2023

The License Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized access of...
Moderate | Unreviewed | CVE-2024-1639 was published | Jun 21, 2024

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5...
High | Unreviewed | CVE-2018-13382 was published | May 24, 2022

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-5324 was published | Jun 6, 2024

After the initial setup process, some steps of setup.php file are reachable not only by super...
Moderate | Unreviewed | CVE-2022-23134 was published | Feb 9, 2022

In the System → Maintenance tool, the Logged Users tab surfaces sessionId data for all users via...
Moderate | Unreviewed | CVE-2024-4447 was published | Jul 26, 2024

Red-DiscordBot vulnerable to Incorrect Authorization in commands API
Moderate | CVE-2024-39905 was published for Red-DiscordBot (pip) | Jul 11, 2024

NATS Server and Streaming Server fails to enforce negative user permissions, may allow denied subjects
Moderate | CVE-2022-29946 was published for github.com/nats-io/nats-server (Go) | Jul 11, 2024

Silverstripe Reports are still accessible even when `canView()` returns false
Moderate | CVE-2024-29885 was published for silverstripe/reports (Composer) | Jul 17, 2024

Windows AD FS Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2021-40456 was published | May 24, 2022

Windows Boot Manager Security Feature Bypass Vulnerability.
High | Unreviewed | CVE-2022-30203 was published | Jul 13, 2022

Windows Boot Manager Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2023-28249 was published | Apr 11, 2023

Windows Lock Screen Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2023-28270 was published | Apr 11, 2023

Secure Boot Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2022-21894 was published | Jan 12, 2022

Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE...
Moderate | Unreviewed | CVE-2022-41091 was published | Nov 10, 2022

Secure Boot Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2023-24932 was published | May 9, 2023

An Insecure Credential Management issue discovered in Connectize AC21000 G6 641.139.1.1256 allows...
Moderate | Unreviewed | CVE-2023-24047 was published | Dec 5, 2023

A client side rate limit issue discovered in Connectize AC21000 G6 641.139.1.1256 allows...
Critical | Unreviewed | CVE-2023-24051 was published | Dec 5, 2023

An issue discovered in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of...
Critical | Unreviewed | CVE-2023-24052 was published | Dec 5, 2023

In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report...
Critical | Unreviewed | CVE-2024-25652 was published | Mar 14, 2024

IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0...
High | Unreviewed | CVE-2024-38329 was published | Jun 19, 2024
ProTip! Advisories are also available from the GraphQL API.