GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,245 advisories
Filter by severity
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:...
High
Unreviewed
CVE-2024-21287
was published
Nov 19, 2024
moodle: IDOR in edit/delete RSS feed
Moderate
CVE-2024-48897
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
moodle: IDOR when fetching report schedules
Moderate
CVE-2024-48901
was published
for
moodle/moodle
(Composer)
Nov 18, 2024
In lunary-ai/lunary versions 1.2.2 through 1.2.6, an incorrect authorization vulnerability allows...
Critical
Unreviewed
CVE-2024-3379
was published
Nov 14, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7...
High
Unreviewed
CVE-2024-9693
was published
Nov 14, 2024
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions ...
High
Unreviewed
CVE-2024-50310
was published
Nov 12, 2024
Moodle's user/power level management inconsistent with suspended users
Low
CVE-2024-43433
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail...
Low
Unreviewed
CVE-2024-42000
was published
Nov 9, 2024
An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH v2...
Moderate
Unreviewed
CVE-2024-44765
was published
Nov 8, 2024
Hashicorp Nomad Incorrect Authorization vulnerability
Moderate
CVE-2024-10975
was published
for
github.com/hashicorp/nomad
(Go)
Nov 7, 2024
Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
Moderate
CVE-2024-43438
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20537
was published
Nov 6, 2024
ansible-core Incorrect Authorization vulnerability
Moderate
CVE-2024-9902
was published
for
ansible-core
(pip)
Nov 6, 2024
Lylme Spage v1.9.5 is vulnerable to Incorrect Access Control. There is no limit on the number of...
Critical
Unreviewed
CVE-2024-48176
was published
Nov 6, 2024
Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin...
High
Unreviewed
CVE-2024-30616
was published
Nov 4, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High
Unreviewed
CVE-2024-45164
was published
Nov 4, 2024
Incorrect Authorization vulnerability in WPChill Htaccess File Editor allows Accessing...
Moderate
Unreviewed
CVE-2024-49256
was published
Nov 1, 2024
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If...
Moderate
Unreviewed
CVE-2024-49501
was published
Nov 1, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51426
was published
Oct 30, 2024
Insecure Permissions vulnerability in Ethereum v.1.12.2 allows a remote attacker to escalate...
High
Unreviewed
CVE-2024-51425
was published
Oct 30, 2024
Incorrect Authorization vulnerability in Wpsoul Greenshift – animation and page builder blocks...
Moderate
Unreviewed
CVE-2024-50419
was published
Oct 30, 2024
Kyverno's PolicyException objects can be created in any namespace by default
High
CVE-2024-48921
was published
for
github.com/kyverno/kyverno
(Go)
Oct 29, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS...
Moderate
Unreviewed
CVE-2024-44301
was published
Oct 28, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS...
Moderate
Unreviewed
CVE-2024-44137
was published
Oct 28, 2024
A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.1...
High
Unreviewed
CVE-2024-44270
was published
Oct 28, 2024
ProTip!
Advisories are also available from the
GraphQL API