GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,463
Composer 4,412
Erlang 33
GitHub Actions 22
Go 2,148
Maven 5,319
npm 3,814
NuGet 689
pip 3,487
Pub 12
RubyGems 901
Rust 900
Swift 38

Unreviewed advisories

All unreviewed 246,508

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

259 advisories

Filter by severity

Sort by

Least recently updated

An issue in the login component (process_login.php) of Hotel Management System commit 79d688... Critical Unreviewed

CVE-2024-42559 was published Aug 20, 2024

Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the... Critical Unreviewed

CVE-2024-42966 was published Aug 15, 2024

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the... Critical Unreviewed

CVE-2024-42967 was published Aug 15, 2024

Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed

CVE-2024-24986 was published Aug 14, 2024

A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in... Critical Unreviewed

CVE-2024-40480 was published Aug 12, 2024

An improper access control vulnerability exists in the mintplex-labs/anything-llm application,... Critical Unreviewed

CVE-2024-3279 was published Aug 12, 2024

An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa... Critical Unreviewed

CVE-2024-41247 was published Aug 7, 2024

It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed

CVE-2024-7525 was published Aug 6, 2024

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control. Critical Unreviewed

CVE-2024-28805 was published Jul 29, 2024

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows... Critical Unreviewed

CVE-2024-40117 was published Jul 26, 2024

Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate... Critical Unreviewed

CVE-2024-36535 was published Jul 24, 2024

Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and... Critical Unreviewed

CVE-2024-36540 was published Jul 24, 2024

An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... Critical Unreviewed

CVE-2024-38164 was published Jul 24, 2024

LibreChat through 0.7.4-rc1 has incorrect access control for message updates. (Work on a fixed... Critical Unreviewed

CVE-2024-41703 was published Jul 22, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11... Critical Unreviewed

CVE-2024-6385 was published Jul 11, 2024

TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed

CVE-2024-39376 was published Jun 27, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11... Critical Unreviewed

CVE-2024-5655 was published Jun 27, 2024

GigaDevice GD32E103C8T6 devices have Incorrect Access Control. Critical Unreviewed

CVE-2024-21741 was published Jun 25, 2024

Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 has Incorrect Access Control. An... Critical Unreviewed

CVE-2024-33898 was published Jun 25, 2024

An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed

CVE-2024-5128 was published Jun 6, 2024

Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost &... Critical Unreviewed

CVE-2024-31682 was published Jun 3, 2024

Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t... Critical Unreviewed

CVE-2024-5168 was published May 23, 2024

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update... Critical Unreviewed

CVE-2023-52801 was published May 21, 2024

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded... Critical Unreviewed

CVE-2024-36080 was published May 19, 2024

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS... Critical Unreviewed

CVE-2024-27841 was published May 14, 2024

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

259 advisories