GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
2,347 advisories
Filter by severity
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on...
High
Unreviewed
CVE-2024-54124
was published
Nov 29, 2024
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This...
High
Unreviewed
CVE-2018-9374
was published
Nov 28, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5...
Moderate
Unreviewed
CVE-2024-11669
was published
Nov 26, 2024
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability....
Critical
Unreviewed
CVE-2024-11680
was published
Nov 26, 2024
Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with...
Moderate
Unreviewed
CVE-2024-50671
was published
Nov 25, 2024
Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager...
Moderate
Unreviewed
CVE-2024-11672
was published
Nov 25, 2024
The application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing...
High
Unreviewed
CVE-2024-7915
was published
Nov 25, 2024
Incorrect authorization in the permission validation component of Devolutions Remote Desktop...
Moderate
Unreviewed
CVE-2024-11670
was published
Nov 25, 2024
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an...
High
Unreviewed
CVE-2023-21270
was published
Nov 19, 2024
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:...
High
Unreviewed
CVE-2024-21287
was published
Nov 19, 2024
moodle: IDOR when fetching report schedules
Moderate
CVE-2024-48901
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
moodle: IDOR in edit/delete RSS feed
Moderate
CVE-2024-48897
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
The python_food ordering system V1.0 has an unauthorized vulnerability that leads to the leakage...
High
Unreviewed
CVE-2024-50647
was published
Nov 15, 2024
python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain...
High
Unreviewed
CVE-2024-50650
was published
Nov 15, 2024
A misconfiguration in the fingerprint authentication mechanism of Binance: BTC, Crypto and NFTS...
Critical
Unreviewed
CVE-2024-31695
was published
Nov 15, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows...
Critical
Unreviewed
CVE-2024-3379
was published
Nov 14, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7...
High
Unreviewed
CVE-2024-9693
was published
Nov 14, 2024
baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User...
Moderate
Unreviewed
CVE-2024-45877
was published
Nov 13, 2024
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions ...
High
Unreviewed
CVE-2024-50310
was published
Nov 12, 2024
Moodle's user/power level management inconsistent with suspended users
Low
CVE-2024-43433
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail...
Low
Unreviewed
CVE-2024-42000
was published
Nov 9, 2024
An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH v2...
Moderate
Unreviewed
CVE-2024-44765
was published
Nov 8, 2024
Hashicorp Nomad Incorrect Authorization vulnerability
Moderate
CVE-2024-10975
was published
for
github.com/hashicorp/nomad
(Go)
Nov 7, 2024
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
Moderate
CVE-2024-43438
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20537
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API