Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

887 advisories

Loading
Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2,... Moderate Unreviewed
CVE-2024-39342 was published Sep 23, 2024
Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain... Moderate Unreviewed
CVE-2024-44540 was published Sep 23, 2024
This vulnerability allows local attackers to escalate privileges on affected installations of... Moderate Unreviewed
CVE-2023-6006 was published Nov 14, 2023
The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker... Moderate Unreviewed
CVE-2023-42468 was published Sep 13, 2023
In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general... Moderate Unreviewed
CVE-2023-35671 was published Sep 11, 2023
An improper privilege management vulnerability allowed arbitrary workflows to be committed using... Moderate Unreviewed
CVE-2024-8263 was published Sep 23, 2024
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
Wago web-based management of multiple products has a vulnerability which allows an local... Moderate Unreviewed
CVE-2023-3379 was published Nov 20, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15... Moderate Unreviewed
CVE-2023-2485 was published Jun 7, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2... Moderate Unreviewed
CVE-2024-1250 was published Feb 12, 2024
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4... Moderate Unreviewed
CVE-2023-3907 was published Dec 18, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6... Moderate Unreviewed
CVE-2023-6477 was published Feb 22, 2024
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate... Moderate Unreviewed
CVE-2024-45919 was published Oct 7, 2024
An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing... Moderate Unreviewed
CVE-2024-44439 was published Oct 4, 2024
VMware NSX contains a local privilege escalation vulnerability.  An authenticated malicious... Moderate Unreviewed
CVE-2024-38818 was published Oct 9, 2024
In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API... Moderate Unreviewed
CVE-2024-7048 was published Oct 10, 2024
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800... Moderate Unreviewed
CVE-2024-22068 was published Oct 10, 2024
Improper privilege management in pyftpdlib Moderate
CVE-2007-6741 was published for pyftpdlib (pip) May 1, 2022
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software... Moderate Unreviewed
CVE-2024-9471 was published Oct 9, 2024
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for... Moderate Unreviewed
CVE-2023-25535 was published Oct 17, 2024
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit... Moderate Unreviewed
CVE-2024-45461 was published Oct 16, 2024
Sentry vulnerable to invite code reuse via cookie manipulation Moderate
CVE-2022-23485 was published for sentry (pip) Dec 12, 2022
tdunlap607
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... Moderate Unreviewed
CVE-2024-7890 was published Sep 12, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... Moderate Unreviewed
CVE-2024-20374 was published Oct 23, 2024
Input parameter verification vulnerability in the background service module Impact: Successful... Moderate Unreviewed
CVE-2024-51521 was published Nov 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database