GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,955
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,842

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

870 advisories

Filter by severity

Sort by

Least recently updated

Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed

CVE-2024-47148 was published Dec 26, 2024

In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects Moderate Unreviewed

CVE-2024-56350 was published Dec 20, 2024

In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of... Moderate Unreviewed

CVE-2024-56348 was published Dec 20, 2024

Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This... Moderate Unreviewed

CVE-2024-12831 was published Dec 20, 2024

SnapCenter versions 4.8 prior to 5.0 are susceptible to a vulnerability which could allow an... Moderate Unreviewed

CVE-2024-21987 was published Feb 16, 2024

An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5... Moderate Unreviewed

CVE-2024-8650 was published Dec 16, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5... Moderate Unreviewed

CVE-2024-8116 was published Dec 16, 2024

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11... Moderate Unreviewed

CVE-2024-5258 was published May 23, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 12.5 before 17.1.6... Moderate Unreviewed

CVE-2024-3127 was published Aug 22, 2024

The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15... Moderate Unreviewed

CVE-2024-54495 was published Dec 12, 2024

In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings,... Moderate Unreviewed

CVE-2023-35866 was published Jun 19, 2023

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and... Moderate Unreviewed

CVE-2024-12148 was published Dec 4, 2024

Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate... Moderate Unreviewed

CVE-2024-12247 was published Dec 5, 2024

Incorrect access control in the component /index.php?mod=system&op=orgtree of dzzoffice 2.02... Moderate Unreviewed

CVE-2021-30205 was published Jun 27, 2023

Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier... Moderate Unreviewed

CVE-2024-12196 was published Dec 4, 2024

Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with... Moderate Unreviewed

CVE-2024-50671 was published Nov 25, 2024

Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance... Moderate Unreviewed

CVE-2023-52944 was published Dec 4, 2024

Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance... Moderate Unreviewed

CVE-2023-52943 was published Dec 4, 2024

An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through... Moderate Unreviewed

CVE-2023-37300 was published Jun 30, 2023

baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User... Moderate Unreviewed

CVE-2024-45877 was published Nov 13, 2024

An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5... Moderate Unreviewed

CVE-2024-11669 was published Nov 26, 2024

A vulnerability in the management console of Cisco Firepower System Software could allow an... Moderate Unreviewed

CVE-2018-0278 was published May 13, 2022

Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2024-11672 was published Nov 25, 2024

Incorrect authorization in the permission validation component of Devolutions Remote Desktop... Moderate Unreviewed

CVE-2024-11670 was published Nov 25, 2024

Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16. Moderate Unreviewed

CVE-2022-0406 was published Apr 4, 2022

Previous 1 2 3 4 5 … 34 35 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

870 advisories