Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,339 advisories

Loading
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45122 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Moderate
CVE-2024-45129 was published for magento/community-edition (Composer) Oct 10, 2024
Magento Open Source Improper Access Control vulnerability High
CVE-2024-45118 was published for magento/community-edition (Composer) Oct 10, 2024
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart... High Unreviewed
CVE-2024-46539 was published Oct 8, 2024
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43590 was published Oct 8, 2024
Microsoft SharePoint Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43503 was published Oct 8, 2024
Windows Remote Desktop Services Tampering Vulnerability Moderate Unreviewed
CVE-2024-43456 was published Oct 8, 2024
Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user... High Unreviewed
CVE-2024-9576 was published Oct 7, 2024
An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A... High Unreviewed
CVE-2024-47910 was published Oct 4, 2024
TaskCafe 0.3.2 lacks validation in the Cookie value. Any unauthenticated attacker who knows a... Critical Unreviewed
CVE-2023-26770 was published Oct 4, 2024
Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted... Moderate Unreviewed
CVE-2024-45870 was published Oct 3, 2024
Vulnerable juju hook tool abstract UNIX domain socket Moderate
CVE-2024-8037 was published for github.com/juju/juju (Go) Oct 3, 2024
hpidcock phvalguima
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed
CVE-2024-45519 was published Oct 3, 2024
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4... Critical Unreviewed
CVE-2024-42514 was published Oct 1, 2024
PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service... High Unreviewed
CVE-2024-46280 was published Sep 30, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified... Moderate Unreviewed
CVE-2024-9321 was published Sep 29, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been... Moderate Unreviewed
CVE-2024-9298 was published Sep 28, 2024
TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a... High Unreviewed
CVE-2024-46097 was published Sep 27, 2024
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2... High Unreviewed
CVE-2024-44860 was published Sep 26, 2024
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the... High Unreviewed
CVE-2024-45982 was published Sep 26, 2024
An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute... High Unreviewed
CVE-2024-41605 was published Sep 26, 2024
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands... Critical Unreviewed
CVE-2024-46627 was published Sep 26, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when... Low Unreviewed
CVE-2024-47145 was published Sep 26, 2024
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to... Moderate Unreviewed
CVE-2024-42406 was published Sep 26, 2024
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on... Moderate Unreviewed
CVE-2024-20465 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database