GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
155 advisories
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate...
High, Unreviewed. CVE-2024-36534 was published Jul 24, 2024

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM...
High, Unreviewed. CVE-2024-38278 was published Jul 9, 2024

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under...
High, Unreviewed. CVE-2024-31912 was published Jun 28, 2024

IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an...
High, Unreviewed. CVE-2024-27275 was published Jun 15, 2024

Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to...
High, Unreviewed. CVE-2024-36587 was published Jun 13, 2024

In the Linux kernel, the following vulnerability has been resolved: ethtool: strset: fix message...
High, Unreviewed. CVE-2021-47241 was published May 21, 2024

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could...
High, Unreviewed. CVE-2024-20389 was published May 16, 2024

Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate...
High, Unreviewed. CVE-2024-31771 was published May 14, 2024

IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could...
High, Unreviewed. CVE-2024-27273 was published May 7, 2024

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted...
High, Unreviewed. CVE-2024-27453 was published May 3, 2024

Various software builds for the following TCL devices (30Z, A3X, 20XE, 10L) leak the device IMEI...
High, Unreviewed. CVE-2023-38298 was published Apr 22, 2024

A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers...
High, Unreviewed. CVE-2024-20320 was published Mar 13, 2024

This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17.4, iOS...
High, Unreviewed. CVE-2024-23288 was published Mar 8, 2024

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with...
High, Unreviewed. CVE-2023-50437 was published Feb 29, 2024

In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL...
High, Unreviewed. CVE-2023-40109 was published Feb 16, 2024

Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom...
High, Unreviewed. CVE-2023-49647 was published Jan 13, 2024

Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The...
High, Unreviewed. CVE-2023-5913 was published Nov 8, 2023

Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability
High. CVE-2023-5077 was published for github.com/hashicorp/vault (Go) Sep 29, 2023

The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
High, Unreviewed. CVE-2023-4153 was published Sep 13, 2023

SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to...
High, Unreviewed. CVE-2020-10129 was published Sep 6, 2023

In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into...
High, Unreviewed. CVE-2023-21269 was published Aug 14, 2023

Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to...
High, Unreviewed. CVE-2023-30691 was published Aug 10, 2023

Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows...
High, Unreviewed. CVE-2023-30680 was published Aug 10, 2023

Consul JWT Auth in L7 Intentions Allow for Mismatched Service Identity and JWT Providers
High. CVE-2023-3518 was published for github.com/hashicorp/consul (Go) Aug 9, 2023

In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain...
High, Unreviewed. CVE-2023-39173 was published Jul 25, 2023

ProTip! Advisories are also available from the GraphQL API