Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,036
Erlang
29
GitHub Actions
18
Go
1,850
Maven
5,000+
npm
3,584
NuGet
636
pip
3,168
Pub
10
RubyGems
850
Rust
803
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,102 advisories

An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra... Critical Unreviewed
CVE-2024-38175 was published Aug 20, 2024
Ghost's improper authentication allows access to member information and actions Moderate
CVE-2024-43409 was published for @tryghost/portal (npm) Aug 20, 2024
1337Nerd
apollo-portal has potential unauthorized access issue Moderate
CVE-2024-43397 was published for com.ctrip.framework.apollo:apollo (Maven) Aug 20, 2024
Umbraco CMS Improper Access Control vulnerability Moderate
CVE-2024-43377 was published for Umbraco.Cms (NuGet) Aug 20, 2024
Improper Access Controls allows backend users to overwrite their username when disallowed. High Unreviewed
CVE-2024-27187 was published Aug 20, 2024
An issue in the login component (process_login.php) of Hotel Management System commit 79d688... Critical Unreviewed
CVE-2024-42559 was published Aug 20, 2024
Hargal - CWE-284: Improper Access Control High Unreviewed
CVE-2024-42334 was published Aug 20, 2024
A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016... Moderate Unreviewed
CVE-2024-7921 was published Aug 19, 2024
A vulnerability, which was classified as critical, has been found in Anhui Deshun Intelligent... Moderate Unreviewed
CVE-2024-7919 was published Aug 19, 2024
A vulnerability, which was classified as problematic, was found in Anhui Deshun Intelligent... Moderate Unreviewed
CVE-2024-7920 was published Aug 19, 2024
Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default High
CVE-2024-6221 was published for flask-cors (pip) Aug 18, 2024
Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the... Critical Unreviewed
CVE-2024-42966 was published Aug 15, 2024
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31... Moderate Unreviewed
CVE-2024-28050 was published Aug 14, 2024
Improper access control in some Intel(R) UEFI Integrator Tools on Aptio V for Intel(R) NUC may... High Unreviewed
CVE-2024-26022 was published Aug 14, 2024
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed
CVE-2024-24986 was published Aug 14, 2024
improper access control in firmware for some Intel(R) FPGA products before version 24.1 may allow... High Unreviewed
CVE-2024-25576 was published Aug 14, 2024
Improper access control for some Intel(R) CIP software before version 2.4.10717 may allow an... Moderate Unreviewed
CVE-2023-43489 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39414 was published Aug 14, 2024
Windows Update Stack Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38163 was published Aug 14, 2024
Azure CycleCloud Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38195 was published Aug 13, 2024
Windows Initial Machine Configuration Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-38223 was published Aug 13, 2024
Azure Connected Machine Agent Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38162 was published Aug 13, 2024
An improper access control vulnerability [CWE-284] in FortiOS 7.4.0 through 7.4.3, 7.2.5 through... Moderate Unreviewed
CVE-2024-36505 was published Aug 13, 2024
Insufficient validation of the Input Output Control (IOCTL) input buffer in AMD μProf may allow... High Unreviewed
CVE-2023-31341 was published Aug 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-41905 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API