GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,474

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,245 advisories

Filter by severity

Sort by

Least recently updated

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed

CVE-2024-45519 was published Oct 3, 2024

Pomerium service account access token may grant unintended access to databroker API High

CVE-2024-47616 was published for github.com/pomerium/pomerium (Go) Oct 2, 2024

Jenkins item creation restriction bypass vulnerability Moderate

CVE-2024-47804 was published for org.jenkins-ci.main:jenkins-core (Maven) Oct 2, 2024

RevoWorks Cloud Client 3.0.91 and earlier contains an incorrect authorization vulnerability. If... High Unreviewed

CVE-2024-47560 was published Oct 1, 2024

Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3... Low Unreviewed

CVE-2024-8974 was published Sep 27, 2024

Mattermost versions 9.10.x <= 9.10.1, 9.9.x <= 9.9.2, 9.5.x <= 9.5.8 fail to limit access to... Moderate Unreviewed

CVE-2024-9155 was published Sep 26, 2024

Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows... High Unreviewed

CVE-2024-7108 was published Sep 26, 2024

A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for... Moderate Unreviewed

CVE-2024-20510 was published Sep 25, 2024

BTS is affected by information disclosure vulnerability where mobile network operator personnel... Low Unreviewed

CVE-2023-25189 was published Sep 25, 2024

Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10... Moderate Unreviewed

CVE-2024-6512 was published Sep 25, 2024

Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On... Critical Unreviewed

CVE-2024-6593 was published Sep 25, 2024

Incorrect Authorization vulnerability in the protocol communication between the WatchGuard... Critical Unreviewed

CVE-2024-6592 was published Sep 25, 2024

Bypass of two factor authentication in RestAPI in Checkmk < 2.3.0p16 and < 2.2.0p34 allows... Critical Unreviewed

CVE-2024-8606 was published Sep 23, 2024

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as... Moderate Unreviewed

CVE-2024-9082 was published Sep 22, 2024

In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate... Moderate Unreviewed

CVE-2024-47160 was published Sep 19, 2024

In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore... Moderate Unreviewed

CVE-2024-47159 was published Sep 19, 2024

app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org... Critical Unreviewed

CVE-2024-46918 was published Sep 16, 2024

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5... Moderate Unreviewed

CVE-2024-2743 was published Sep 12, 2024

A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a... Moderate Unreviewed

CVE-2024-8691 was published Sep 11, 2024

An access control vulnerability was discovered in the Reports section due to a specific access... Moderate Unreviewed

CVE-2024-4465 was published Sep 11, 2024

Shenzhen Haichangxing Technology Co., Ltd HCX H822 4G LTE Router M7628NNxISPxUIv2_v1.0.1557.15... High Unreviewed

CVE-2024-44667 was published Sep 10, 2024

Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization... Moderate Unreviewed

CVE-2024-42423 was published Sep 10, 2024

Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which... Moderate Unreviewed

CVE-2024-6979 was published Sep 10, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to... Low Unreviewed

CVE-2024-44114 was published Sep 10, 2024

This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to... High Unreviewed

CVE-2024-8601 was published Sep 9, 2024

Previous 1 2 3 4 5 6 7 … 89 90 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,245 advisories