GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
136 advisories
Filter by severity
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows...
High
Unreviewed
CVE-2024-43460
was published
Sep 17, 2024
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization...
High
Unreviewed
CVE-2024-7015
was published
Sep 9, 2024
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High
Unreviewed
CVE-2023-3899
was published
Aug 23, 2023
A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management...
High
Unreviewed
CVE-2024-20381
was published
Sep 11, 2024
A vulnerability was found in Forklift Controller. There is no verification against the...
High
Unreviewed
CVE-2024-8509
was published
Sep 6, 2024
Permission verification vulnerability in the Settings module.
Impact: Successful exploitation of...
High
Unreviewed
CVE-2023-52539
was published
Apr 8, 2024
The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in...
High
Unreviewed
CVE-2024-7624
was published
Aug 15, 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0...
High
Unreviewed
CVE-2024-38329
was published
Jun 19, 2024
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service,...
High
Unreviewed
CVE-2024-23576
was published
May 14, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in...
High
Unreviewed
CVE-2024-40814
was published
Jul 30, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed...
High
Unreviewed
CVE-2024-40783
was published
Jul 30, 2024
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5...
High
Unreviewed
CVE-2018-13382
was published
May 24, 2022
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-30061
was published
Jul 9, 2024
In SAP Commerce, a user can misuse the forgotten
password functionality to gain access to a...
High
Unreviewed
CVE-2024-39597
was published
Jul 9, 2024
Dell OS10 Networking Switches, versions10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x ,contain an...
High
Unreviewed
CVE-2024-25949
was published
Jun 12, 2024
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main'...
High
Unreviewed
CVE-2024-4254
was published
Jun 4, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23670
was published
Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23667
was published
Jun 3, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for...
High
Unreviewed
CVE-2023-3758
was published
Apr 18, 2024
D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-44410
was published
May 3, 2024
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-32168
was published
May 3, 2024
A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight...
High
Unreviewed
CVE-2023-47166
was published
May 1, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating...
High
Unreviewed
CVE-2023-50363
was published
Apr 26, 2024
Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing...
High
Unreviewed
CVE-2023-28584
was published
Sep 5, 2023
Transient DOS due to improper authorization in Modem
High
Unreviewed
CVE-2022-40521
was published
Jun 6, 2023
ProTip!
Advisories are also available from the
GraphQL API