GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,943 advisories
Filter by severity
Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote...
Moderate
Unreviewed
CVE-2023-27384
was published
May 23, 2023
Canlineapp Online 1.1 is vulnerable to Broken Access Control and allows users with the Auditor...
Moderate
Unreviewed
CVE-2024-56114
was published
Jan 9, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5,...
High
Unreviewed
CVE-2024-40771
was published
Jan 15, 2025
On-Premises Data Gateway Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2025-21403
was published
Jan 14, 2025
Incorrect Authorization vulnerability in Drupal Responsive and off-canvas menu allows Forceful...
Moderate
Unreviewed
CVE-2024-13266
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This...
Moderate
Unreviewed
CVE-2024-13290
was published
Jan 9, 2025
OX App Suite before backend 7.10.6-rev37 allows authenticated users to bypass access controls ...
Moderate
Unreviewed
CVE-2023-24600
was published
May 29, 2023
Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360...
Critical
Unreviewed
CVE-2022-29081
was published
Apr 29, 2022
Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful...
High
Unreviewed
CVE-2024-13291
was published
Jan 9, 2025
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could...
Low
Unreviewed
CVE-2020-9081
was published
Dec 27, 2024
Incorrect Authorization vulnerability in Drupal Commerce View Receipt allows Forceful Browsing...
Moderate
Unreviewed
CVE-2024-13257
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue...
Critical
Unreviewed
CVE-2024-13281
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing...
Moderate
Unreviewed
CVE-2024-13302
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows...
Critical
Unreviewed
CVE-2024-13258
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Advanced PWA inc Push Notifications allows...
Critical
Unreviewed
CVE-2024-13253
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This...
High
Unreviewed
CVE-2024-13282
was published
Jan 9, 2025
Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code...
High
Unreviewed
CVE-2023-25729
was published
Jun 2, 2023
Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue...
Critical
Unreviewed
CVE-2024-13277
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue...
Critical
Unreviewed
CVE-2024-13278
was published
Jan 9, 2025
A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html...
Moderate
Unreviewed
CVE-2023-23604
was published
Jun 2, 2023
lunary-ai/lunary version 1.0.1 is vulnerable to improper authorization, allowing removed members...
Critical
Unreviewed
CVE-2024-1741
was published
Apr 10, 2024
Android applications with unpatched vulnerabilities can be launched from a browser using Intents,...
Moderate
Unreviewed
CVE-2023-25749
was published
Jun 2, 2023
Incorrect Authorization vulnerability in Drupal Content Entity Clone allows Forceful Browsing...
Unknown
Unreviewed
CVE-2024-13271
was published
Jan 9, 2025
Incorrect Authorization vulnerability in Drupal Freelinking allows Forceful Browsing.This issue...
Unknown
Unreviewed
CVE-2024-13270
was published
Jan 9, 2025
The WebChannel API, which is used to transport various information across processes, did not...
Moderate
Unreviewed
CVE-2025-0237
was published
Jan 7, 2025
ProTip!
Advisories are also available from the
GraphQL API