GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,218
Erlang: 31
GitHub Actions: 19
Go: 1,988
Maven: 5,000+
npm: 3,704
NuGet: 661
pip: 3,332
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
140 advisories
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that...
High
Unreviewed
CVE-2024-9235 was published Oct 25, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited...
High
Unreviewed
CVE-2024-28029 was published Mar 22, 2024
Windows Kerberos Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38129 was published Oct 8, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W,...
High
Unreviewed
CVE-2024-20393 was published Oct 2, 2024
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7...
High
Unreviewed
CVE-2023-37491 was published Aug 8, 2023
Improper Authentication, Missing Authentication for Critical Function, Improper Authorization...
High
Unreviewed
CVE-2024-7015 was published Sep 9, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions...
High
Unreviewed
CVE-2023-40683 was published Jan 19, 2024
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows...
High
Unreviewed
CVE-2024-43460 was published Sep 17, 2024
A vulnerability was found in subscription-manager that allows local privilege escalation due to...
High
Unreviewed
CVE-2023-3899 was published Aug 23, 2023
A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management...
High
Unreviewed
CVE-2024-20381 was published Sep 11, 2024
A vulnerability was found in Forklift Controller. There is no verification against the...
High
Unreviewed
CVE-2024-8509 was published Sep 6, 2024
Permission verification vulnerability in the Settings module. Impact: Successful exploitation of...
High
Unreviewed
CVE-2023-52539 was published Apr 8, 2024
The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in...
High
Unreviewed
CVE-2024-7624 was published Aug 15, 2024
IBM Storage Protect for Virtual Environments: Data Protection for VMware 8.1.0.0 through 8.1.22.0...
High
Unreviewed
CVE-2024-38329 was published Jun 19, 2024
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service,...
High
Unreviewed
CVE-2024-23576 was published May 14, 2024
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in...
High
Unreviewed
CVE-2024-40814 was published Jul 30, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed...
High
Unreviewed
CVE-2024-40783 was published Jul 30, 2024
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5...
High
Unreviewed
CVE-2018-13382 was published May 24, 2022
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-30061 was published Jul 9, 2024
In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a...
High
Unreviewed
CVE-2024-39597 was published Jul 9, 2024
Dell OS10 Networking Switches, versions 10.5.6.x, 10.5.5.x, 10.5.4.x and 10.5.3.x, contain an...
High
Unreviewed
CVE-2024-25949 was published Jun 12, 2024
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main'...
High
Unreviewed
CVE-2024-4254 was published Jun 4, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23670 was published Jun 3, 2024
An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6...
High
Unreviewed
CVE-2024-23667 was published Jun 3, 2024
A race condition flaw was found in sssd where the GPO policy is not consistently applied for...
High
Unreviewed
CVE-2023-3758 was published Apr 18, 2024
ProTip! Advisories are also available from the GraphQL API