GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,096 advisories
Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate...
Moderate, Unreviewed. CVE-2024-12247 was published Dec 5, 2024

Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier...
Moderate, Unreviewed. CVE-2024-12196 was published Dec 4, 2024

Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and...
Moderate, Unreviewed. CVE-2024-12148 was published Dec 4, 2024

Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance...
Moderate, Unreviewed. CVE-2023-52943 was published Dec 4, 2024

Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance...
Moderate, Unreviewed. CVE-2023-52944 was published Dec 4, 2024

Withdrawn Advisory: Symfony http-security has authentication bypass
Moderate. CVE-2024-36611 was published for symfony/security-http (Composer) Nov 29, 2024 • withdrawn

An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5...
Moderate, Unreviewed. CVE-2024-11669 was published Nov 26, 2024

Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with...
Moderate, Unreviewed. CVE-2024-50671 was published Nov 25, 2024

Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager...
Moderate, Unreviewed. CVE-2024-11672 was published Nov 25, 2024

Incorrect authorization in the permission validation component of Devolutions Remote Desktop...
Moderate, Unreviewed. CVE-2024-11670 was published Nov 25, 2024

moodle: IDOR when fetching report schedules
Moderate. CVE-2024-48901 was published for moodle/moodle (Composer) Nov 18, 2024

moodle: IDOR in edit/delete RSS feed
Moderate. CVE-2024-48897 was published for moodle/moodle (Composer) Nov 18, 2024

baltic-it TOPqw Webportal v1.35.283.2 is vulnerable to Incorrect Access Control in the User...
Moderate, Unreviewed. CVE-2024-45877 was published Nov 13, 2024

An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH v2...
Moderate, Unreviewed. CVE-2024-44765 was published Nov 8, 2024

Hashicorp Nomad Incorrect Authorization vulnerability
Moderate. CVE-2024-10975 was published for github.com/hashicorp/nomad (Go) Nov 7, 2024

Moodle's IDOR in Feedback non-respondents report allows messaging arbitrary site users
Moderate. CVE-2024-43438 was published for moodle/moodle (Composer) Nov 7, 2024

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate, Unreviewed. CVE-2024-20537 was published Nov 6, 2024

ansible-core Incorrect Authorization vulnerability
Moderate. CVE-2024-9902 was published for ansible-core (pip) Nov 6, 2024

Incorrect Authorization vulnerability in WPChill Htaccess File Editor allows Accessing...
Moderate, Unreviewed. CVE-2024-49256 was published Nov 1, 2024

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If...
Moderate, Unreviewed. CVE-2024-49501 was published Nov 1, 2024

Incorrect Authorization vulnerability in Wpsoul Greenshift – animation and page builder blocks...
Moderate, Unreviewed. CVE-2024-50419 was published Oct 30, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS...
Moderate, Unreviewed. CVE-2024-44301 was published Oct 28, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS...
Moderate, Unreviewed. CVE-2024-44247 was published Oct 28, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS...
Moderate, Unreviewed. CVE-2024-44287 was published Oct 28, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS...
Moderate, Unreviewed. CVE-2024-44253 was published Oct 28, 2024

ProTip! Advisories are also available from the GraphQL API.