GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+, Composer 4,274, Erlang 31, GitHub Actions 21, Go 2,056, Maven 5,000+, npm 3,740, NuGet 668, pip 3,419, Pub 12, RubyGems 891, Rust 872, Swift 36
Unreviewed advisories: All unreviewed 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
720 advisories
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a...
High | Unreviewed | CVE-2024-37775 was published Dec 17, 2024

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An...
High | Unreviewed | CVE-2024-55579 was published Dec 9, 2024

A vulnerability exists where a low-privileged user can exploit insufficient permissions in...
High | Unreviewed | CVE-2024-45204 was published Dec 4, 2024

A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent...
High | Unreviewed | CVE-2024-42452 was published Dec 4, 2024

An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High | Unreviewed | CVE-2024-53937 was published Dec 3, 2024

An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High | Unreviewed | CVE-2024-53941 was published Dec 3, 2024

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on...
High | Unreviewed | CVE-2024-54124 was published Nov 29, 2024

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This...
High | Unreviewed | CVE-2018-9374 was published Nov 28, 2024

The application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing...
High | Unreviewed | CVE-2024-7915 was published Nov 25, 2024

In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an...
High | Unreviewed | CVE-2023-21270 was published Nov 19, 2024

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:...
High | Unreviewed | CVE-2024-21287 was published Nov 19, 2024

The python_food ordering system V1.0 has an unauthorized vulnerability that leads to the leakage...
High | Unreviewed | CVE-2024-50647 was published Nov 15, 2024

python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain...
High | Unreviewed | CVE-2024-50650 was published Nov 15, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7...
High | Unreviewed | CVE-2024-9693 was published Nov 14, 2024

A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions ...
High | Unreviewed | CVE-2024-50310 was published Nov 12, 2024

Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin...
High | Unreviewed | CVE-2024-30616 was published Nov 4, 2024

Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High | Unreviewed | CVE-2024-45164 was published Nov 4, 2024

Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High | Unreviewed | CVE-2024-51426 was published Oct 30, 2024

Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High | Unreviewed | CVE-2024-51425 was published Oct 30, 2024

A privacy issue was addressed with improved private data redaction for log entries. This issue is...
High | Unreviewed | CVE-2024-44289 was published Oct 28, 2024

A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1...
High | Unreviewed | CVE-2024-44270 was published Oct 28, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2024-44196 was published Oct 28, 2024

OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST...
High | Unreviewed | CVE-2022-30356 was published Oct 25, 2024

OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request...
High | Unreviewed | CVE-2022-30358 was published Oct 25, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
High | Unreviewed | CVE-2024-45261 was published Oct 24, 2024
ProTip! Advisories are also available from the GraphQL API