GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,034 advisories
Filter by severity
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder...
High
Unreviewed
CVE-2024-11969
was published
Nov 28, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible...
Critical
Unreviewed
CVE-2024-46054
was published
Nov 27, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated...
High
Unreviewed
CVE-2024-52323
was published
Nov 27, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required...
Critical
Unreviewed
CVE-2024-11703
was published
Nov 26, 2024
Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is...
Moderate
Unreviewed
CVE-2024-6476
was published
Nov 26, 2024
MLflow's excessive directory permissions allow local privilege escalation
High
CVE-2024-27134
was published
for
mlflow
(pip)
Nov 25, 2024
Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address...
Unknown
Unreviewed
CVE-2024-44786
was published
Nov 22, 2024
An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate...
Moderate
Unreviewed
CVE-2024-50657
was published
Nov 22, 2024
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.
Critical
Unreviewed
CVE-2024-51162
was published
Nov 20, 2024
Moodle IDOR when deleting OAuth2 linked accounts
Moderate
CVE-2024-45690
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin...
Critical
Unreviewed
CVE-2018-9467
was published
Nov 20, 2024
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there...
High
Unreviewed
CVE-2018-9432
was published
Nov 20, 2024
In bootloader there is fastboot command allowing user specified kernel command line arguments....
High
Unreviewed
CVE-2018-9369
was published
Nov 19, 2024
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an...
High
Unreviewed
CVE-2023-21270
was published
Nov 19, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account.
Critical
Unreviewed
CVE-2024-51051
was published
Nov 19, 2024
Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated...
Moderate
Unreviewed
CVE-2024-48293
was published
Nov 18, 2024
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total...
High
Unreviewed
CVE-2024-48292
was published
Nov 18, 2024
Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent.
High
Unreviewed
CVE-2024-52926
was published
Nov 18, 2024
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are...
High
Unreviewed
CVE-2024-52867
was published
Nov 17, 2024
A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS)....
Moderate
Unreviewed
CVE-2024-51765
was published
Nov 16, 2024
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings...
High
Unreviewed
CVE-2017-13314
was published
Nov 16, 2024
A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS)....
Moderate
Unreviewed
CVE-2024-51764
was published
Nov 16, 2024
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to...
High
Unreviewed
CVE-2017-13312
was published
Nov 16, 2024
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading...
High
Unreviewed
CVE-2017-13310
was published
Nov 16, 2024
In the read() function of ProcessStats.java, there is a possible read/write serialization issue...
High
Unreviewed
CVE-2017-13311
was published
Nov 16, 2024
ProTip!
Advisories are also available from the
GraphQL API