GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
952 advisories
Filter by severity
Bandisoft BandiView 7.05 is vulnerable to Incorrect Access Control in sub_0x3d80fc via a crafted...
Moderate
Unreviewed
CVE-2024-45870
was published
Oct 3, 2024
Vulnerable juju hook tool abstract UNIX domain socket
Moderate
CVE-2024-8037
was published
for
github.com/juju/juju
(Go)
Oct 3, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0 and classified...
Moderate
Unreviewed
CVE-2024-9321
was published
Sep 29, 2024
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-9298
was published
Sep 28, 2024
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to...
Moderate
Unreviewed
CVE-2024-42406
was published
Sep 26, 2024
A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on...
Moderate
Unreviewed
CVE-2024-20465
was published
Sep 25, 2024
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic...
Moderate
Unreviewed
CVE-2024-9003
was published
Sep 19, 2024
Directus vulnerable to SSRF Loopback IP filter bypass
Moderate
CVE-2024-46990
was published
for
@directus/api
(npm)
Sep 18, 2024
Vite's `server.fs.deny` is bypassed when using `?import&raw`
Moderate
CVE-2024-45811
was published
for
vite
(npm)
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15...
Moderate
Unreviewed
CVE-2024-40825
was published
Sep 17, 2024
Kashipara Music Management System v1.0 is vulnerable to Incorrect Access Control via /music/ajax...
Moderate
Unreviewed
CVE-2024-42794
was published
Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in...
Moderate
Unreviewed
CVE-2024-42796
was published
Sep 16, 2024
An Incorrect Access Control vulnerability was found in /music/view_user.php?id=3 and /music...
Moderate
Unreviewed
CVE-2024-42795
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user...
Moderate
Unreviewed
CVE-2024-36247
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an...
Moderate
Unreviewed
CVE-2024-34543
was published
Sep 16, 2024
Improper access control in Intel(R) RAID Web Console software for all versions may allow an...
Moderate
Unreviewed
CVE-2024-32940
was published
Sep 16, 2024
Lunary improper access control vulnerability
Moderate
CVE-2024-6087
was published
for
lunary
(npm)
Sep 13, 2024
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2024-20343
was published
Sep 11, 2024
An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6...
Moderate
Unreviewed
CVE-2024-45323
was published
Sep 10, 2024
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All...
Moderate
Unreviewed
CVE-2024-37993
was published
Sep 10, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control...
Moderate
Unreviewed
CVE-2024-39580
was published
Sep 10, 2024
A vulnerability has been identified in Node.js version 20, affecting users of the experimental...
Moderate
Unreviewed
CVE-2023-30582
was published
Sep 7, 2024
Powermail TYPO3 extension Broken Access Control in the OutputController
Moderate
CVE-2024-45233
was published
for
in2code/powermail
(Composer)
Aug 29, 2024
An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an...
Moderate
Unreviewed
CVE-2024-44913
was published
Aug 28, 2024
An issue in the component EXR!ReadEXR+0x3df50 of Irfanview v4.67.1.0 allows attackers to cause an...
Moderate
Unreviewed
CVE-2024-44914
was published
Aug 28, 2024
ProTip!
Advisories are also available from the
GraphQL API