Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

257 advisories

Loading
An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to... Critical Unreviewed
CVE-2024-44893 was published Sep 10, 2024
Vela Insecure Defaults Critical
CVE-2022-39395 was published for github.com/go-vela/server (Go) Nov 9, 2022
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to... Critical Unreviewed
CVE-2024-7493 was published Sep 6, 2024
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older... Critical Unreviewed
CVE-2023-39335 was published Nov 15, 2023
An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain... Critical Unreviewed
CVE-2023-47132 was published Feb 9, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative... Critical Unreviewed
CVE-2024-36439 was published Aug 22, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0... Critical Unreviewed
CVE-2024-33226 was published May 22, 2024
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could... Critical Unreviewed
CVE-2024-33872 was published Aug 20, 2024
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them Critical
CVE-2024-43401 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 19, 2024
floerer
An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01... Critical Unreviewed
CVE-2023-38944 was published Mar 6, 2024
Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege... Critical Unreviewed
CVE-2024-43311 was published Aug 19, 2024
Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege... Critical Unreviewed
CVE-2024-43240 was published Aug 19, 2024
Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-43245 was published Aug 19, 2024
AWS Amplify CLI has incorrect trust policy management Critical
CVE-2024-28056 was published for @aws-amplify/cli (npm) Apr 15, 2024
An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote... Critical Unreviewed
CVE-2024-33308 was published Apr 30, 2024
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed
CVE-2024-21807 was published Aug 14, 2024
Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-43153 was published Aug 13, 2024
Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-43121 was published Aug 13, 2024
An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote... Critical Unreviewed
CVE-2023-48902 was published Mar 21, 2024
A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the... Critical Unreviewed
CVE-2023-4976 was published Jul 17, 2024
Android kernel allows Elevation of privilege. Critical Unreviewed
CVE-2024-27207 was published Mar 11, 2024
RaspAP allows an attacker to escalate privileges Critical
CVE-2024-41637 was published for billz/raspap-webgui (Composer) Jul 29, 2024
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule... Critical Unreviewed
CVE-2024-38770 was published Aug 1, 2024
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to... Critical Unreviewed
CVE-2024-37858 was published Jul 29, 2024
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an... Critical Unreviewed
CVE-2023-49232 was published Mar 29, 2024
ProTip! Advisories are also available from the GraphQL API