GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,952

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

263 advisories

Filter by severity

Sort by

Least recently updated

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in... Moderate Unreviewed

CVE-2024-34463 was published Sep 3, 2024

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin... Moderate Unreviewed

CVE-2024-5053 was published Sep 1, 2024

OpenTelemetry Collector module AWS Firehose Receiver Authentication Bypass Vulnerability Moderate

CVE-2024-45043 was published for github.com/open-telemetry/opentelemetry-collector-contrib/receiver/awsfirehosereceiver (Go) Aug 29, 2024

Powermail TYPO3 extension Broken Access Control in the OutputController Moderate

CVE-2024-45233 was published for in2code/powermail (Composer) Aug 29, 2024

Hyperledger Fabric does not verify request has a timestamp within the expected time window Moderate

CVE-2024-45244 was published for github.com/hyperledger/fabric (Go) Aug 25, 2024

A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and... Moderate Unreviewed

CVE-2024-7851 was published Aug 16, 2024

* Unprotected privileged mode access through UDS session in the Blind Spot Detection Sensor ECU... Moderate Unreviewed

CVE-2024-6347 was published Aug 15, 2024

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated... Moderate Unreviewed

CVE-2024-7799 was published Aug 15, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39418 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39416 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39407 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39411 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39413 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39415 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39419 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39417 was published Aug 14, 2024

Magento Open Source Improper Authorization vulnerability Moderate

CVE-2024-39412 was published for magento/community-edition (Composer) Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39404 was published Aug 14, 2024

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... Moderate Unreviewed

CVE-2024-39405 was published Aug 14, 2024

"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a... Moderate Unreviewed

CVE-2024-6384 was published Aug 13, 2024

Jenkins does not perform a permission check in an HTTP endpoint Moderate

CVE-2024-43045 was published for org.jenkins-ci.main:jenkins-core (Maven) Aug 7, 2024

A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified... Moderate Unreviewed

CVE-2024-7578 was published Aug 7, 2024

Bostr Improper Authorization vulnerability Moderate

CVE-2024-41962 was published for bostr (npm) Aug 2, 2024

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2024-21166 was published Jul 17, 2024

A command for refining a collection shard key is missing an authorization check. This may cause... Moderate Unreviewed

CVE-2024-6375 was published Jul 1, 2024

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

263 advisories