Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

591 advisories

Loading
The Zephyr Project Manager plugin for WordPress is vulnerable to limited privilege escalation in... High Unreviewed
CVE-2024-7624 was published Aug 15, 2024
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated... Moderate Unreviewed
CVE-2024-7799 was published Aug 15, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39407 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39418 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39413 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39415 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39411 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39417 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39419 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39416 was published Aug 14, 2024
Magento Open Source Improper Authorization vulnerability Moderate
CVE-2024-39412 was published for magento/community-edition (Composer) Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39404 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed
CVE-2024-39405 was published Aug 14, 2024
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a... Moderate Unreviewed
CVE-2024-6384 was published Aug 13, 2024
OpenFGA Authorization Bypass High
CVE-2024-42473 was published for github.com/openfga/openfga (Go) Aug 9, 2024
sidneibjunior
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified... Moderate Unreviewed
CVE-2024-7578 was published Aug 7, 2024
Jenkins does not perform a permission check in an HTTP endpoint Moderate
CVE-2024-43045 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an... Critical Unreviewed
CVE-2024-36130 was published Aug 7, 2024
Bostr Improper Authorization vulnerability Moderate
CVE-2024-41962 was published for bostr (npm) Aug 2, 2024
cxplay
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... High Unreviewed
CVE-2024-40814 was published Jul 30, 2024
The issue was addressed with improved restriction of data container access. This issue is fixed... High Unreviewed
CVE-2024-40783 was published Jul 30, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2024-21166 was published Jul 17, 2024
OpenSearch Observability does not properly restrict access to private tenant resources Low
CVE-2024-39901 was published for org.opensearch.plugin:opensearch-observability (Maven) Jul 10, 2024
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability High Unreviewed
CVE-2024-30061 was published Jul 9, 2024
In SAP Commerce, a user can misuse the forgotten password functionality to gain access to a... High Unreviewed
CVE-2024-39597 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database