GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,556

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

120,609 advisories

Filter by severity

Sort by

Least recently updated

The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for... Moderate Unreviewed

CVE-2024-7655 was published Sep 10, 2024

Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Improper Input... Moderate Unreviewed

CVE-2024-42424 was published Sep 10, 2024

Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control... Moderate Unreviewed

CVE-2024-39580 was published Sep 10, 2024

Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A... Moderate Unreviewed

CVE-2024-39574 was published Sep 10, 2024

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use... Moderate Unreviewed

CVE-2024-44944 was published Aug 30, 2024

The RFC enabled function module allows a low privileged user to perform denial of service on any... Moderate Unreviewed

CVE-2024-45285 was published Sep 10, 2024

Due to insufficient encoding of user-controlled inputs, SAP NetWeaver AS Java allows malicious... Moderate Unreviewed

CVE-2024-45280 was published Sep 10, 2024

SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client... Moderate Unreviewed

CVE-2024-45281 was published Sep 10, 2024

Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an... Moderate Unreviewed

CVE-2024-44112 was published Sep 10, 2024

Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic... Moderate Unreviewed

CVE-2024-44121 was published Sep 10, 2024

SAP NetWeaver Enterprise Portal is vulnerable to reflected cross site scripting due to... Moderate Unreviewed

CVE-2024-44120 was published Sep 10, 2024

The RFC enabled function module allows a low privileged user to perform various actions, such as... Moderate Unreviewed

CVE-2024-44117 was published Sep 10, 2024

Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver... Moderate Unreviewed

CVE-2024-45279 was published Sep 10, 2024

Due to lack of proper authorization checks when calling user, a function module in obsolete Tobin... Moderate Unreviewed

CVE-2024-45286 was published Sep 10, 2024

SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The... Moderate Unreviewed

CVE-2024-45283 was published Sep 10, 2024

The RFC enabled function module allows a low privileged user to add URLs to any user's workplace... Moderate Unreviewed

CVE-2024-44115 was published Sep 10, 2024

Due to weak encoding of user-controlled inputs, eProcurement on SAP S/4HANA allows malicious... Moderate Unreviewed

CVE-2024-42378 was published Sep 10, 2024

Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an... Moderate Unreviewed

CVE-2024-44113 was published Sep 10, 2024

The RFC enabled function module allows a low privileged user to add any workbook to any user's... Moderate Unreviewed

CVE-2024-44116 was published Sep 10, 2024

An insufficient entropy vulnerability caused by the improper use of a randomness function with... Moderate Unreviewed

CVE-2024-38270 was published Sep 10, 2024

The RFC enabled function module allows a low privileged user to delete the workplace favourites... Moderate Unreviewed

CVE-2024-42371 was published Sep 10, 2024

The RFC enabled function module allows a low privileged user to read any user's workplace... Moderate Unreviewed

CVE-2024-42380 was published Sep 10, 2024

Due to missing authorization checks, SAP BEx Analyzer allows an authenticated attacker to access... Moderate Unreviewed

CVE-2024-41729 was published Sep 10, 2024

A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker... Moderate Unreviewed

CVE-2024-8105 was published Aug 26, 2024

Keycloak Open Redirect vulnerability Moderate

CVE-2024-7260 was published for org.keycloak:keycloak-core (Maven) Sep 9, 2024

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

120,609 advisories