GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,040
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,894 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5...
Moderate
Unreviewed
CVE-2024-8116
was published
Dec 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5...
Moderate
Unreviewed
CVE-2024-8650
was published
Dec 16, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6...
Low
Unreviewed
CVE-2024-10043
was published
Dec 12, 2024
The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15...
Moderate
Unreviewed
CVE-2024-54495
was published
Dec 12, 2024
An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An...
High
Unreviewed
CVE-2024-55579
was published
Dec 9, 2024
Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate...
Moderate
Unreviewed
CVE-2024-12247
was published
Dec 5, 2024
Incorrect authorization in the permission component in Devolutions Server 2024.3.7.0 and earlier...
Moderate
Unreviewed
CVE-2024-12196
was published
Dec 4, 2024
Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and...
Moderate
Unreviewed
CVE-2024-12148
was published
Dec 4, 2024
Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance...
Moderate
Unreviewed
CVE-2023-52943
was published
Dec 4, 2024
Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance...
Moderate
Unreviewed
CVE-2023-52944
was published
Dec 4, 2024
A vulnerability exists where a low-privileged user can exploit insufficient permissions in...
High
Unreviewed
CVE-2024-45204
was published
Dec 4, 2024
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent...
High
Unreviewed
CVE-2024-42452
was published
Dec 4, 2024
An issue was discovered on Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53937
was published
Dec 3, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53941
was published
Dec 3, 2024
Incorrect access control in wms-Warehouse management system-zeqp v2.20.9.1 due to the token value...
Critical
Unreviewed
CVE-2024-52732
was published
Dec 2, 2024
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on...
High
Unreviewed
CVE-2024-54124
was published
Nov 29, 2024
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This...
High
Unreviewed
CVE-2018-9374
was published
Nov 28, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 16.9.8 before 17.4.5, 17.5...
Moderate
Unreviewed
CVE-2024-11669
was published
Nov 26, 2024
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability....
Critical
Unreviewed
CVE-2024-11680
was published
Nov 26, 2024
Incorrect access control in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows attackers with...
Moderate
Unreviewed
CVE-2024-50671
was published
Nov 25, 2024
The application Sensei Mac Cleaner contains a local privilege escalation vulnerability, allowing...
High
Unreviewed
CVE-2024-7915
was published
Nov 25, 2024
Incorrect authorization in the permission validation component of Devolutions Remote Desktop...
Moderate
Unreviewed
CVE-2024-11670
was published
Nov 25, 2024
Incorrect authorization in the add permission component in Devolutions Remote Desktop Manager...
Moderate
Unreviewed
CVE-2024-11672
was published
Nov 25, 2024
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:...
High
Unreviewed
CVE-2024-21287
was published
Nov 19, 2024
python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain...
High
Unreviewed
CVE-2024-50650
was published
Nov 15, 2024
ProTip!
Advisories are also available from the
GraphQL API