Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,141
Erlang
30
GitHub Actions
19
Go
1,942
Maven
5,000+
npm
3,684
NuGet
650
pip
3,303
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,152 advisories

Loading
Information Disclosure in TYPO3 Page Tree Low
CVE-2024-47780 was published for typo3/cms-backend (Composer) Oct 8, 2024
ohader jpmschuler
Information disclosure while sending implicit broadcast containing APP launch information. Moderate Unreviewed
CVE-2024-38425 was published Oct 7, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed
CVE-2024-45519 was published Oct 3, 2024
Pomerium service account access token may grant unintended access to databroker API High
CVE-2024-47616 was published for github.com/pomerium/pomerium (Go) Oct 2, 2024
Jenkins item creation restriction bypass vulnerability Moderate
CVE-2024-47804 was published for org.jenkins-ci.main:jenkins-core (Maven) Oct 2, 2024
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If... High Unreviewed
CVE-2024-47560 was published Oct 1, 2024
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3... Low Unreviewed
CVE-2024-8974 was published Sep 27, 2024
Mattermost versions 9.10.x <= 9.10.1, 9.9.x <= 9.9.2, 9.5.x <= 9.5.8 fail to limit access to... Moderate Unreviewed
CVE-2024-9155 was published Sep 26, 2024
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows... High Unreviewed
CVE-2024-7108 was published Sep 26, 2024
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for... Moderate Unreviewed
CVE-2024-20510 was published Sep 25, 2024
Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10... Moderate Unreviewed
CVE-2024-6512 was published Sep 25, 2024
Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On... Critical Unreviewed
CVE-2024-6593 was published Sep 25, 2024
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard... Critical Unreviewed
CVE-2024-6592 was published Sep 25, 2024
Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows... Critical Unreviewed
CVE-2024-8606 was published Sep 23, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-9082 was published Sep 22, 2024
In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate... Moderate Unreviewed
CVE-2024-47160 was published Sep 19, 2024
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore... Moderate Unreviewed
CVE-2024-47159 was published Sep 19, 2024
app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org... Critical Unreviewed
CVE-2024-46918 was published Sep 16, 2024
An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5... Moderate Unreviewed
CVE-2024-2743 was published Sep 12, 2024
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a... Moderate Unreviewed
CVE-2024-8691 was published Sep 11, 2024
An access control vulnerability was discovered in the Reports section due to a specific access... Moderate Unreviewed
CVE-2024-4465 was published Sep 11, 2024
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization... Moderate Unreviewed
CVE-2024-42423 was published Sep 10, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to... Low Unreviewed
CVE-2024-44114 was published Sep 10, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to... High Unreviewed
CVE-2024-8601 was published Sep 9, 2024
Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers... Moderate Unreviewed
CVE-2024-34642 was published Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database