GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+
427 advisories
Filter by severity
FOSUserBundle User Identity Validation Vulnerability
Moderate
GHSA-8wx3-8m4x-g5h4
was published
for
friendsofsymfony/user-bundle
(Composer)
May 15, 2024
Certain MQTT wildcards are not blocked on the
CyberPower PowerPanel
system, which might result...
Moderate
Unreviewed
CVE-2024-31409
was published
May 15, 2024
eZ Publish Legacy Passwordless login for LDAP users
High
GHSA-p9mp-vq4v-v5m5
was published
for
ezsystems/ezpublish-legacy
(Composer)
May 15, 2024
A vulnerability was found in Campcodes Online Laundry Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-4819
was published
May 14, 2024
A PendingIntent hijacking vulnerability was reported in the Motorola Face Unlock application...
Moderate
Unreviewed
CVE-2023-41819
was published
May 3, 2024
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-44410
was published
May 3, 2024
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-32168
was published
May 3, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight...
High
Unreviewed
CVE-2023-47166
was published
May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating...
High
Unreviewed
CVE-2023-50363
was published
Apr 26, 2024
Quarkus: authorization flaw in quarkus resteasy reactive and classic
Moderate
CVE-2023-5675
was published
for
io.quarkus:quarkus-resteasy-reactive-common
(Maven)
Apr 25, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for...
High
Unreviewed
CVE-2023-3758
was published
Apr 18, 2024
OpenFGA Authorization Bypass
High
CVE-2024-31452
was published
for
github.com/openfga/openfga
(Go)
Apr 16, 2024
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members...
Critical
Unreviewed
CVE-2024-1741
was published
Apr 10, 2024
Azure Migrate Remote Code Execution Vulnerability
Moderate
Unreviewed
CVE-2024-26193
was published
Apr 9, 2024
A vulnerability classified as critical was found in CP Plus Wi-Fi Camera up to 20240401. Affected...
Moderate
Unreviewed
CVE-2024-3434
was published
Apr 8, 2024
Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline
Low
CVE-2024-30260
was published
for
undici
(npm)
Apr 4, 2024
A vulnerability, which was classified as critical, has been found in SourceCodester Computer...
Moderate
Unreviewed
CVE-2024-3139
was published
Apr 2, 2024
A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-3013
was published
Mar 28, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest...
High
Unreviewed
CVE-2024-0077
was published
Mar 28, 2024
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco...
Moderate
Unreviewed
CVE-2024-20333
was published
Mar 27, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited...
High
Unreviewed
CVE-2024-28029
was published
Mar 22, 2024
GoogleOAuthenticator.hosted_domain incorrectly verifies membership of an Google organization/workspace
High
CVE-2024-29033
was published
for
oauthenticator
(pip)
Mar 20, 2024
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been classified as...
Moderate
Unreviewed
CVE-2024-2641
was published
Mar 20, 2024
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-2557
was published
Mar 17, 2024
An improper authorization vulnerability [CWE-285] in FortiPortal version 7.2.0, and versions 7.0...
Moderate
Unreviewed
CVE-2024-21761
was published
Mar 12, 2024
ProTip!
Advisories are also available from the
GraphQL API