GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
87 advisories
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5,...
Moderate | Unreviewed | CVE-2023-4018 was published Sep 1, 2023

The DoLogin Security WordPress plugin before 3.7.1 does not restrict the access of a widget that...
Moderate | Unreviewed | CVE-2023-4800 was published Oct 16, 2023

A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic....
Moderate | Unreviewed | CVE-2023-5702 was published Oct 23, 2023

A vulnerability was found in GeoServer GeoWebCache up to 1.15.1. It has been declared as...
Moderate | Unreviewed | CVE-2023-5786 was published Oct 26, 2023

A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Moderate | Unreviewed | CVE-2023-44320 was published Nov 14, 2023

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7...
Moderate | Unreviewed | CVE-2024-0456 was published Jan 26, 2024

IBM PowerSC 1.3, 2.0, and 2.1 fails to properly restrict access to a URL or resource, which may...
Moderate | Unreviewed | CVE-2023-50935 was published Feb 2, 2024

IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive...
Moderate | Unreviewed | CVE-2023-46186 was published Feb 14, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 16.4 before 16.7.6...
Moderate | Unreviewed | CVE-2024-0861 was published Feb 22, 2024

A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web...
Moderate | Unreviewed | CVE-2023-45598 was published Mar 5, 2024

A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the...
Moderate | Unreviewed | CVE-2023-45596 was published Mar 5, 2024

Mautic uses predictable page indices for unpublished landing pages, their content can be accessed...
Moderate | Unreviewed | CVE-2024-2730 was published Apr 10, 2024

Silverstripe Forum Module CSRF Vulnerability
Moderate | GHSA-w8fq-xgvh-cxc2 was published for silverstripe/forum (Composer) May 23, 2024

Silverstripe Missing security check on dev/build/defaults
Moderate | GHSA-x5w2-wcr8-9q45 was published for silverstripe/framework (Composer) May 23, 2024

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic....
Moderate | Unreviewed | CVE-2024-6188 was published Jun 20, 2024

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x....
Moderate | Unreviewed | CVE-2024-6414 was published Jun 30, 2024

A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared...
Moderate | Unreviewed | CVE-2024-7080 was published Jul 24, 2024

A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719....
Moderate | Unreviewed | CVE-2024-7153 was published Jul 28, 2024

An improper authentication vulnerability affecting Vonets industrial wifi bridge relays...
Moderate | Unreviewed | CVE-2024-42001 was published Aug 12, 2024

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-7753 was published Aug 14, 2024

A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is...
Moderate | Unreviewed | CVE-2024-11049 was published Nov 10, 2024

Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests...
Moderate | Unreviewed | CVE-2024-55075 was published Jan 6, 2025

A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital...
Moderate | Unreviewed | CVE-2025-2147 was published Mar 10, 2025

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and...
Moderate | Unreviewed | CVE-2025-2595 was published Apr 23, 2025

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users...
Moderate | Unreviewed | CVE-2025-27581 was published Apr 24, 2025

ProTip! Advisories are also available from the GraphQL API