GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,070
Composer 4,319
Erlang 31
GitHub Actions 21
Go 2,077
Maven 5,250
npm 3,746
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,247

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

249 advisories

Filter by severity

Sort by

Least recently updated

A Broken Access Control vulnerability was found in /admin/update.php and /admin/dashboard.php in... Critical Unreviewed

CVE-2024-40480 was published Aug 12, 2024

An improper access control vulnerability exists in the mintplex-labs/anything-llm application,... Critical Unreviewed

CVE-2024-3279 was published Aug 12, 2024

An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa... Critical Unreviewed

CVE-2024-41247 was published Aug 7, 2024

It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed

CVE-2024-7525 was published Aug 6, 2024

An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control. Critical Unreviewed

CVE-2024-28805 was published Jul 29, 2024

Incorrect access control in Solar-Log 1000 before v2.8.2 and build 52- 23.04.2013 allows... Critical Unreviewed

CVE-2024-40117 was published Jul 26, 2024

Insecure permissions in meshery v0.7.51 allows attackers to access sensitive data and escalate... Critical Unreviewed

CVE-2024-36535 was published Jul 24, 2024

Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and... Critical Unreviewed

CVE-2024-36540 was published Jul 24, 2024

An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... Critical Unreviewed

CVE-2024-38164 was published Jul 24, 2024

LibreChat through 0.7.4-rc1 has incorrect access control for message updates. (Work on a fixed... Critical Unreviewed

CVE-2024-41703 was published Jul 22, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11... Critical Unreviewed

CVE-2024-6385 was published Jul 11, 2024

TELSAT marKoni FM Transmitters are vulnerable to users gaining unauthorized access to sensitive... Critical Unreviewed

CVE-2024-39376 was published Jun 27, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11... Critical Unreviewed

CVE-2024-5655 was published Jun 27, 2024

GigaDevice GD32E103C8T6 devices have Incorrect Access Control. Critical Unreviewed

CVE-2024-21741 was published Jun 25, 2024

Axiros AXESS Auto Configuration Server (ACS) 4.x and 5.0.0 has Incorrect Access Control. An... Critical Unreviewed

CVE-2024-33898 was published Jun 25, 2024

An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary,... Critical Unreviewed

CVE-2024-5128 was published Jun 6, 2024

Incorrect access control in the fingerprint authentication mechanism of Phone Cleaner: Boost &... Critical Unreviewed

CVE-2024-31682 was published Jun 3, 2024

Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t... Critical Unreviewed

CVE-2024-5168 was published May 23, 2024

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix missing update... Critical Unreviewed

CVE-2023-52801 was published May 21, 2024

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded... Critical Unreviewed

CVE-2024-36080 was published May 19, 2024

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS... Critical Unreviewed

CVE-2024-27841 was published May 14, 2024

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,... Critical Unreviewed

CVE-2024-31967 was published May 2, 2024

Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0 and... Critical Unreviewed

CVE-2023-49473 was published Apr 30, 2024

An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit... Critical Unreviewed

CVE-2024-24486 was published Apr 15, 2024

The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed

CVE-2024-3777 was published Apr 15, 2024

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

249 advisories