Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,305 advisories

Loading
Oqtane Framework Insecure Direct Object Reference vulnerability Low
CVE-2024-55186 was published for Oqtane.Client (NuGet) Dec 20, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed
CVE-2024-45519 was published Oct 3, 2024
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through... High Unreviewed
CVE-2024-38856 was published Aug 5, 2024
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects Moderate Unreviewed
CVE-2024-56350 was published Dec 20, 2024
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of... Moderate Unreviewed
CVE-2024-56348 was published Dec 20, 2024
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This... Moderate Unreviewed
CVE-2024-12831 was published Dec 20, 2024
Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android... Critical Unreviewed
CVE-2023-4617 was published Dec 19, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline Low
CVE-2024-30260 was published for undici (npm) Apr 4, 2024
Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf... Critical Unreviewed
CVE-2024-54662 was published Dec 17, 2024
TShock Security Escalation Exploit High
GHSA-hvm9-wc8j-mgrc was published for TShock (NuGet) Dec 18, 2024
sgkoishi THEXN
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an... High Unreviewed
CVE-2023-21270 was published Nov 19, 2024
Elasticsearch Incorrect Authorization vulnerability Moderate
CVE-2024-12539 was published for org.elasticsearch:elasticsearch (Maven) Dec 17, 2024
Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed
CVE-2024-37775 was published Dec 17, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in... Low Unreviewed
CVE-2024-9654 was published Dec 17, 2024
SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an... Moderate Unreviewed
CVE-2024-21987 was published Feb 16, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5... Moderate Unreviewed
CVE-2024-8116 was published Dec 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5... Moderate Unreviewed
CVE-2024-8650 was published Dec 16, 2024
An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that... High Unreviewed
CVE-2022-1949 was published Jun 3, 2022
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11... Moderate Unreviewed
CVE-2024-5258 was published May 23, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6... Moderate Unreviewed
CVE-2024-3127 was published Aug 22, 2024
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network... High Unreviewed
CVE-2023-25185 was published Jun 16, 2023
A permissions issue was addressed by removing vulnerable code and adding additional checks. This... Critical Unreviewed
CVE-2024-44217 was published Oct 29, 2024
XWiki allows remote code execution through the extension sheet Critical
CVE-2024-55662 was published for org.xwiki.platform:xwiki-platform-repository-server-ui (Maven) Dec 12, 2024
The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed
CVE-2024-54495 was published Dec 12, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6... Low Unreviewed
CVE-2024-10043 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database