Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,347 advisories

Loading
TestLink 1.9.20 is vulnerable to Incorrect Access Control in the TestPlan editing section. When a... High Unreviewed
CVE-2024-46097 was published Sep 27, 2024
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2... High Unreviewed
CVE-2024-44860 was published Sep 26, 2024
An issue in Foxit Software Foxit PDF Reader v.2024.2.2.25170 allows a local attacker to execute... High Unreviewed
CVE-2024-41605 was published Sep 26, 2024
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands... Critical Unreviewed
CVE-2024-46627 was published Sep 26, 2024
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the... High Unreviewed
CVE-2024-45982 was published Sep 26, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when... Low Unreviewed
CVE-2024-47145 was published Sep 26, 2024
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to... Moderate Unreviewed
CVE-2024-42406 was published Sep 26, 2024
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on... Moderate Unreviewed
CVE-2024-20465 was published Sep 25, 2024
Incorrect access control in IceCMS v3.4.7 and before allows attackers to authenticate by entering... High Unreviewed
CVE-2024-46607 was published Sep 25, 2024
An access control issue in the CheckVip function in UserController.java of IceCMS v3.4.7 and... High Unreviewed
CVE-2024-46609 was published Sep 25, 2024
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in... Critical Unreviewed
CVE-2024-42797 was published Sep 25, 2024
Arc before 2024-08-26 allows remote code execution in JavaScript boosts. Boosts that run... Critical Unreviewed
CVE-2024-45489 was published Sep 20, 2024
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic... Moderate Unreviewed
CVE-2024-9003 was published Sep 19, 2024
Microsoft Office Visio Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38016 was published Sep 19, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process High
CVE-2022-25768 was published for mautic/core (Composer) Sep 18, 2024
mollux escopecz
patrykgruszka
Directus vulnerable to SSRF Loopback IP filter bypass Moderate
CVE-2024-46990 was published for @directus/api (npm) Sep 18, 2024
r3dpower
Vite's `server.fs.deny` is bypassed when using `?import&raw` Moderate
CVE-2024-45811 was published for vite (npm) Sep 17, 2024
adi1
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15... Moderate Unreviewed
CVE-2024-40825 was published Sep 17, 2024
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in... Moderate Unreviewed
CVE-2024-42796 was published Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music... Moderate Unreviewed
CVE-2024-42795 was published Sep 16, 2024
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax... Moderate Unreviewed
CVE-2024-42794 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an... Moderate Unreviewed
CVE-2024-34543 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Moderate Unreviewed
CVE-2024-36247 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software all versions may allow an... Low Unreviewed
CVE-2024-36261 was published Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user... Low Unreviewed
CVE-2024-28170 was published Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database