GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,140 advisories
An improper access control vulnerability in Partner.Microsoft.com allows an unauthenticated...
High
Unreviewed
CVE-2024-49035
was published
Nov 26, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9941
was published
Nov 23, 2024
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9192
was published
Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by...
High
Unreviewed
CVE-2024-9500
was published
Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to...
High
Unreviewed
CVE-2024-11206
was published
Nov 14, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an...
High
Unreviewed
CVE-2024-49558
was published
Nov 12, 2024
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege...
High
Unreviewed
CVE-2024-24409
was published
Nov 8, 2024
A GitHub App installed in organizations could upgrade some permissions from read to write access...
High
Unreviewed
CVE-2024-8810
was published
Nov 8, 2024
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on...
High
Unreviewed
CVE-2024-8424
was published
Nov 8, 2024
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are...
High
Unreviewed
CVE-2024-10203
was published
Nov 7, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access,...
High
Unreviewed
CVE-2024-9002
was published
Oct 11, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the ...
High
Unreviewed
CVE-2024-28813
was published
Sep 30, 2024
An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows...
High
Unreviewed
CVE-2024-46549
was published
Sep 30, 2024
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content...
High
Unreviewed
CVE-2024-22893
was published
Sep 25, 2024
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to...
High
Unreviewed
CVE-2024-45373
was published
Sep 25, 2024
A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1...
High
Unreviewed
CVE-2024-41228
was published
Sep 23, 2024
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure...
High
Unreviewed
CVE-2024-45752
was published
Sep 19, 2024
ZITADEL's Service Users Deactivation not Working
High
CVE-2024-47000
was published
for
github.com/zitadel/zitadel/v2
(Go)
Sep 19, 2024
ZITADEL's User Grant Deactivation not Working
High
CVE-2024-46999
was published
for
github.com/zitadel/zitadel/v2
(Go)
Sep 19, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-44147
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may...
High
Unreviewed
CVE-2024-40861
was published
Sep 17, 2024
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music...
High
Unreviewed
CVE-2024-42798
was published
Sep 16, 2024
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all...
High
Unreviewed
CVE-2024-6482
was published
Sep 16, 2024
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for...
High
Unreviewed
CVE-2024-8246
was published
Sep 16, 2024