Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

136 advisories

Loading
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows... High Unreviewed
CVE-2024-43460 was published Sep 17, 2024
A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management... High Unreviewed
CVE-2024-20381 was published Sep 11, 2024
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization... High Unreviewed
CVE-2024-7015 was published Sep 9, 2024
A vulnerability was found in Forklift Controller.  There is no verification against the... High Unreviewed
CVE-2024-8509 was published Sep 6, 2024
The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in... High Unreviewed
CVE-2024-7624 was published Aug 15, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... High Unreviewed
CVE-2024-40814 was published Jul 30, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed... High Unreviewed
CVE-2024-40783 was published Jul 30, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability High Unreviewed
CVE-2024-30061 was published Jul 9, 2024
In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a... High Unreviewed
CVE-2024-39597 was published Jul 9, 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0... High Unreviewed
CVE-2024-38329 was published Jun 19, 2024
Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an... High Unreviewed
CVE-2024-25949 was published Jun 12, 2024
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main'... High Unreviewed
CVE-2024-4254 was published Jun 4, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... High Unreviewed
CVE-2024-23667 was published Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6... High Unreviewed
CVE-2024-23670 was published Jun 3, 2024
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service,... High Unreviewed
CVE-2024-23576 was published May 14, 2024
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-44410 was published May 3, 2024
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-32168 was published May 3, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight... High Unreviewed
CVE-2023-47166 was published May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating... High Unreviewed
CVE-2023-50363 was published Apr 26, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for... High Unreviewed
CVE-2023-3758 was published Apr 18, 2024
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52539 was published Apr 8, 2024
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, where it allows a guest... High Unreviewed
CVE-2024-0077 was published Mar 28, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
Microsoft Outlook Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21402 was published Feb 13, 2024
The vulnerability allows an authenticated remote attacker to perform actions exceeding their... High Unreviewed
CVE-2023-48252 was published Jan 10, 2024
ProTip! Advisories are also available from the GraphQL API