GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,944
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,055
Maven 5,234
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,528

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,902 advisories

Filter by severity

Sort by

Least recently updated

In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects Moderate Unreviewed

CVE-2024-56350 was published Dec 20, 2024

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of... Moderate Unreviewed

CVE-2024-56348 was published Dec 20, 2024

Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This... Moderate Unreviewed

CVE-2024-12831 was published Dec 20, 2024

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android... Critical Unreviewed

CVE-2023-4617 was published Dec 19, 2024

Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf... Critical Unreviewed

CVE-2024-54662 was published Dec 17, 2024

The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in... Low Unreviewed

CVE-2024-9654 was published Dec 17, 2024

Incorrect access control in Sunbird DCIM dcTrack v9.1.2 allows attackers to create or update a... High Unreviewed

CVE-2024-37775 was published Dec 17, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5... Moderate Unreviewed

CVE-2024-8116 was published Dec 16, 2024

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5... Moderate Unreviewed

CVE-2024-8650 was published Dec 16, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6... Low Unreviewed

CVE-2024-10043 was published Dec 12, 2024

The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed

CVE-2024-54495 was published Dec 12, 2024

An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An... High Unreviewed

CVE-2024-55579 was published Dec 9, 2024

Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate... Moderate Unreviewed

CVE-2024-12247 was published Dec 5, 2024

Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier... Moderate Unreviewed

CVE-2024-12196 was published Dec 4, 2024

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and... Moderate Unreviewed

CVE-2024-12148 was published Dec 4, 2024

Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance... Moderate Unreviewed

CVE-2023-52944 was published Dec 4, 2024

Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance... Moderate Unreviewed

CVE-2023-52943 was published Dec 4, 2024

A vulnerability exists where a low-privileged user can exploit insufficient permissions in... High Unreviewed

CVE-2024-45204 was published Dec 4, 2024

A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent... High Unreviewed

CVE-2024-42452 was published Dec 4, 2024

An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware... High Unreviewed

CVE-2024-53937 was published Dec 3, 2024

An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware... High Unreviewed

CVE-2024-53941 was published Dec 3, 2024

Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value... Critical Unreviewed

CVE-2024-52732 was published Dec 2, 2024

In Click Studios Passwordstate before build 9920, there is a potential permission escalation on... High Unreviewed

CVE-2024-54124 was published Nov 29, 2024

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This... High Unreviewed

CVE-2018-9374 was published Nov 28, 2024

An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5... Moderate Unreviewed

CVE-2024-11669 was published Nov 26, 2024

Previous 1 2 3 4 5 … 76 77 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,902 advisories