GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,141
Erlang
30
GitHub Actions
19
Go
1,942
Maven
5,000+
npm
3,684
NuGet
650
pip
3,303
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,152 advisories
Filter by severity
Information Disclosure in TYPO3 Page Tree
Low
CVE-2024-47780
was published
for
typo3/cms-backend
(Composer)
Oct 8, 2024
Information disclosure while sending implicit broadcast containing APP launch information.
Moderate
Unreviewed
CVE-2024-38425
was published
Oct 7, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0...
Critical
Unreviewed
CVE-2024-45519
was published
Oct 3, 2024
Pomerium service account access token may grant unintended access to databroker API
High
CVE-2024-47616
was published
for
github.com/pomerium/pomerium
(Go)
Oct 2, 2024
Jenkins item creation restriction bypass vulnerability
Moderate
CVE-2024-47804
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Oct 2, 2024
RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If...
High
Unreviewed
CVE-2024-47560
was published
Oct 1, 2024
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3...
Low
Unreviewed
CVE-2024-8974
was published
Sep 27, 2024
Mattermost versions 9.10.x <= 9.10.1, 9.9.x <= 9.9.2, 9.5.x <= 9.5.8 fail to limit access to...
Moderate
Unreviewed
CVE-2024-9155
was published
Sep 26, 2024
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows...
High
Unreviewed
CVE-2024-7108
was published
Sep 26, 2024
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for...
Moderate
Unreviewed
CVE-2024-20510
was published
Sep 25, 2024
Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10...
Moderate
Unreviewed
CVE-2024-6512
was published
Sep 25, 2024
Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On...
Critical
Unreviewed
CVE-2024-6593
was published
Sep 25, 2024
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard...
Critical
Unreviewed
CVE-2024-6592
was published
Sep 25, 2024
Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows...
Critical
Unreviewed
CVE-2024-8606
was published
Sep 23, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-9082
was published
Sep 22, 2024
In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate...
Moderate
Unreviewed
CVE-2024-47160
was published
Sep 19, 2024
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore...
Moderate
Unreviewed
CVE-2024-47159
was published
Sep 19, 2024
app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org...
Critical
Unreviewed
CVE-2024-46918
was published
Sep 16, 2024
An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5...
Moderate
Unreviewed
CVE-2024-2743
was published
Sep 12, 2024
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a...
Moderate
Unreviewed
CVE-2024-8691
was published
Sep 11, 2024
An access control vulnerability was discovered in the Reports section due to a specific access...
Moderate
Unreviewed
CVE-2024-4465
was published
Sep 11, 2024
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization...
Moderate
Unreviewed
CVE-2024-42423
was published
Sep 10, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to...
Low
Unreviewed
CVE-2024-44114
was published
Sep 10, 2024
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to...
High
Unreviewed
CVE-2024-8601
was published
Sep 9, 2024
Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers...
Moderate
Unreviewed
CVE-2024-34642
was published
Sep 4, 2024
ProTip!
Advisories are also available from the
GraphQL API