Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

32 advisories

Loading
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr... Moderate Unreviewed
CVE-2022-1177 was published Mar 31, 2022
Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to... Moderate Unreviewed
CVE-2023-3227 was published Jun 14, 2023
Dell PowerProtect DD, versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110... High Unreviewed
CVE-2023-44285 was published Dec 14, 2023
Insufficient Granularity of Access Control vulnerability in OpenText™ Service Management... Moderate Unreviewed
CVE-2023-32259 was published Mar 19, 2024
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0205 was published Apr 22, 2023
NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware,... High Unreviewed
CVE-2023-0203 was published Apr 22, 2023
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token,... Moderate Unreviewed
CVE-2023-4456 was published Aug 21, 2023
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized... Moderate Unreviewed
CVE-2023-43040 was published May 14, 2024
An access-control flaw was found in the OpenStack Designate component where private configuration... Moderate Unreviewed
CVE-2023-6725 was published Mar 15, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Low Unreviewed
CVE-2024-26246 was published Mar 15, 2024
Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow... High Unreviewed
CVE-2023-40070 was published May 16, 2024
Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an... High Unreviewed
CVE-2023-45217 was published May 16, 2024
Outlook for Android Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-43604 was published Oct 8, 2024
The disabling function of the user registration page for Heimavista Rpage and Epage is not... Moderate Unreviewed
CVE-2024-2412 was published Mar 13, 2024
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test... Moderate Unreviewed
CVE-2023-39418 was published Aug 11, 2023
Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful... High Unreviewed
CVE-2024-13256 was published Jan 9, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows... Moderate Unreviewed
CVE-2024-13272 was published Jan 9, 2025
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper... High Unreviewed
CVE-2024-53295 was published Feb 1, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to... Moderate Unreviewed
CVE-2024-11931 was published Jan 24, 2025
Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow... Moderate Unreviewed
CVE-2024-39279 was published Feb 13, 2025
The product implements access controls via a policy or other feature with the intention to... Moderate Unreviewed
CVE-2024-6696 was published Feb 20, 2025
A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and... High Unreviewed
CVE-2025-20111 was published Feb 26, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9... Moderate Unreviewed
CVE-2024-12619 was published Mar 28, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0... High Unreviewed
CVE-2025-29987 was published Apr 3, 2025
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. High Unreviewed
CVE-2024-33058 was published Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database