Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,427
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

249 advisories

Loading
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly... Critical Unreviewed
CVE-2024-29836 was published Apr 15, 2024
A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL,... Critical Unreviewed
CVE-2024-3765 was published Apr 15, 2024
Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-29990 was published Apr 9, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without... Critical Unreviewed
CVE-2024-31815 was published Apr 8, 2024
Alldata V0.4.6 is vulnerable to Incorrect Access Control. A total of many modules interface... Critical Unreviewed
CVE-2024-27602 was published Apr 2, 2024
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can... Critical Unreviewed
CVE-2024-25735 was published Mar 27, 2024
Datalust Seq before 2023.4.11151 and 2024 before 2024.1.11146 has Incorrect Access Control... Critical Unreviewed
CVE-2024-29866 was published Mar 21, 2024
An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1... Critical Unreviewed
CVE-2020-26942 was published Mar 21, 2024
The Net::IPV4Addr module 0.10 for Perl does not properly consider extraneous zero characters in... Critical Unreviewed
CVE-2021-47155 was published Mar 18, 2024
Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded root password that has... Critical Unreviewed
CVE-2022-47036 was published Mar 18, 2024
An issue in Advanced Plugins ultimateimagetool module for PrestaShop before v.2.2.01, allows a... Critical Unreviewed
CVE-2024-28390 was published Mar 14, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The... Critical Unreviewed
CVE-2022-32257 was published Mar 12, 2024
An issue was discovered in Lustre versions 2.13.x, 2.14.x, and 2.15.x before 2.15.4, allows... Critical Unreviewed
CVE-2023-51786 was published Mar 7, 2024
Incorrect access control in Book Store Management System v1 allows attackers to access... Critical Unreviewed
CVE-2023-49543 was published Mar 2, 2024
A remote attacker may be able to bypass access control of Commend WS203VICM by creating a... Critical Unreviewed
CVE-2024-21767 was published Mar 1, 2024
An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL calls to /diag/eval are not... Critical Unreviewed
CVE-2023-49931 was published Feb 29, 2024
An issue was discovered in RWS WorldServer before 11.7.3. Regular users can create users with the... Critical Unreviewed
CVE-2022-34270 was published Feb 29, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2023-42945 was published Feb 21, 2024
4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set... Critical Unreviewed
CVE-2024-24300 was published Feb 15, 2024
Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21401 was published Feb 13, 2024
Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-21376 was published Feb 13, 2024
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21364 was published Feb 13, 2024
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the... Critical Unreviewed
CVE-2024-24496 was published Feb 8, 2024
Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This... Critical Unreviewed
CVE-2024-0642 was published Jan 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database