Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,305 advisories

Loading
Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value... Critical Unreviewed
CVE-2024-52732 was published Dec 2, 2024
python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain... High Unreviewed
CVE-2024-50650 was published Nov 15, 2024
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS... Critical Unreviewed
CVE-2024-31695 was published Nov 15, 2024
The python_food ordering system V1.0 has an unauthorized vulnerability that leads to the leakage... High Unreviewed
CVE-2024-50647 was published Nov 15, 2024
ansible-core Incorrect Authorization vulnerability Moderate
CVE-2024-9902 was published for ansible-core (pip) Nov 6, 2024
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This... High Unreviewed
CVE-2018-9374 was published Nov 28, 2024
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on... High Unreviewed
CVE-2024-54124 was published Nov 29, 2024
An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through... Moderate Unreviewed
CVE-2023-37300 was published Jun 30, 2023
baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User... Moderate Unreviewed
CVE-2024-45877 was published Nov 13, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5... Moderate Unreviewed
CVE-2024-11669 was published Nov 26, 2024
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on... Critical Unreviewed
CVE-2023-31997 was published Jul 1, 2023
A vulnerability in the management console of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0278 was published May 13, 2022
OpenStack Identity service (keystone) Incorrect Authorization High
CVE-2017-2673 was published for keystone (pip) May 13, 2022
OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM High
CVE-2013-0335 was published for Nova (pip) May 5, 2022
Jenkins item creation restriction bypass vulnerability Moderate
CVE-2024-47804 was published for org.jenkins-ci.main:jenkins-core (Maven) Oct 2, 2024
Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager... Moderate Unreviewed
CVE-2024-11672 was published Nov 25, 2024
The application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing... High Unreviewed
CVE-2024-7915 was published Nov 25, 2024
Incorrect authorization in the permission validation component of Devolutions Remote Desktop... Moderate Unreviewed
CVE-2024-11670 was published Nov 25, 2024
Nautobot missing object-level permissions enforcement when running Job Buttons Low
CVE-2023-51649 was published for nautobot (pip) Dec 22, 2023
abdikanipd
OpenZeppelin Contracts for Cairo account cannot process transactions on Goerli Moderate
CVE-2022-31153 was published for openzeppelin-cairo-contracts (pip) Jul 15, 2022
moodle: IDOR when fetching report schedules Moderate
CVE-2024-48901 was published for moodle/moodle (Composer) Nov 18, 2024
moodle: IDOR in edit/delete RSS feed Moderate
CVE-2024-48897 was published for moodle/moodle (Composer) Nov 18, 2024
Permission control vulnerability in the package management module.Successful exploitation of this... High Unreviewed
CVE-2023-52374 was published Feb 18, 2024
An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate... Critical Unreviewed
CVE-2023-29381 was published Jul 6, 2023
Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs Moderate
CVE-2022-31671 was published for github.com/goharbor/harbor (Go) Sep 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database