GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,736
Maven: 5,000+
npm: 4,336
NuGet: 764
pip: 4,110
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
575 advisories
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate...
High | Unreviewed | CVE-2024-36534 was published Jul 24, 2024

Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate...
High | Unreviewed | CVE-2024-40433 was published Jul 27, 2024

Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19...
High | Unreviewed | CVE-2024-41139 was published Jul 29, 2024

An Improper access control vulnerability was found in Avaya Aura System Manager which could allow...
Moderate | Unreviewed | CVE-2024-7480 was published Aug 8, 2024

Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a...
Moderate | Unreviewed | CVE-2024-6758 was published Aug 12, 2024

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom...
Moderate | Unreviewed | CVE-2024-42441 was published Aug 14, 2024

In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to...
High | Unreviewed | CVE-2024-34738 was published Aug 16, 2024

Grafana plugin data sources vulnerable to access control bypass
Moderate | CVE-2024-6322 was published for github.com/grafana/grafana (Go) Aug 20, 2024

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed...
Critical | Unreviewed | CVE-2024-28000 was published Aug 21, 2024

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate | Unreviewed | CVE-2024-20466 was published Aug 21, 2024

Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment...
High | Unreviewed | CVE-2024-39576 was published Aug 22, 2024

Mage AI incorrectly gives privileges to users with deleted accounts
Moderate | CVE-2024-45187 was published for mage-ai (pip) Aug 23, 2024

Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account...
High | Unreviewed | CVE-2024-4555 was published Aug 28, 2024

Hwameistor Potential Permission Leakage of Cluster Level
Moderate | CVE-2024-45054 was published for github.com/hwameistor/hwameistor (Go) Aug 29, 2024

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment...
Moderate | Unreviewed | CVE-2024-39579 was published Aug 31, 2024

IBM MQ Operator 2.0.26 and 3.2.4 could allow an authenticated user in a specifically defined role...
High | Unreviewed | CVE-2024-40681 was published Sep 7, 2024

The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in...
High | Unreviewed | CVE-2024-8253 was published Sep 11, 2024

Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register. This...
High | Unreviewed | CVE-2024-21743 was published Sep 17, 2024

Incorrect Privilege Assignment vulnerability in favethemes Houzez houzez allows Privilege...
High | Unreviewed | CVE-2024-22303 was published Sep 17, 2024

A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2024-9082 was published Sep 22, 2024

A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before...
Moderate | Unreviewed | CVE-2024-46540 was published Sep 30, 2024

The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low...
Critical | Unreviewed | CVE-2024-25660 was published Oct 1, 2024

This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for...
High | Unreviewed | CVE-2024-47653 was published Oct 4, 2024

The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows...
Moderate | Unreviewed | CVE-2024-48941 was published Oct 10, 2024

The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an...
High | Unreviewed | CVE-2024-9519 was published Oct 10, 2024