GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,370 advisories
Filter by severity
Improper Privilege Management vulnerability in SAMPA? Holding AKOS allows Collect Data as...
Moderate
Unreviewed
CVE-2024-4259
was published
Sep 3, 2024
Improper Privilege Management vulnerability in Menulux Information Technologies Managment Portal...
Moderate
Unreviewed
CVE-2024-4428
was published
Aug 29, 2024
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account...
High
Unreviewed
CVE-2024-4555
was published
Aug 28, 2024
An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel...
High
Unreviewed
CVE-2024-42774
was published
Aug 22, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative...
Critical
Unreviewed
CVE-2024-36439
was published
Aug 22, 2024
The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack...
High
Unreviewed
CVE-2024-33656
was published
Aug 21, 2024
A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful...
High
Unreviewed
CVE-2020-11846
was published
Aug 21, 2024
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation...
High
Unreviewed
CVE-2023-22576
was published
Aug 21, 2024
Kanister vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-43403
was published
for
github.com/kanisterio/kanister
(Go)
Aug 20, 2024
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could...
Critical
Unreviewed
CVE-2024-33872
was published
Aug 20, 2024
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them
Critical
CVE-2024-43401
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Aug 19, 2024
Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege...
Critical
Unreviewed
CVE-2024-43311
was published
Aug 19, 2024
Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege...
Critical
Unreviewed
CVE-2024-43240
was published
Aug 19, 2024
Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-43245
was published
Aug 19, 2024
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access
High
CVE-2024-44076
was published
for
io.github.microcks:microcks-app
(Maven)
Aug 19, 2024
VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-privileged user can interact...
High
Unreviewed
CVE-2024-42995
was published
Aug 16, 2024
In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for...
High
Unreviewed
CVE-2024-34741
was published
Aug 16, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due...
High
Unreviewed
CVE-2024-34743
was published
Aug 16, 2024
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom...
Moderate
Unreviewed
CVE-2024-42441
was published
Aug 14, 2024
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom...
Moderate
Unreviewed
CVE-2024-42440
was published
Aug 14, 2024
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network...
Critical
Unreviewed
CVE-2024-21807
was published
Aug 14, 2024
Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-43121
was published
Aug 13, 2024
Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-43153
was published
Aug 13, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High
Unreviewed
CVE-2024-41903
was published
Aug 13, 2024
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via...
High
Unreviewed
CVE-2023-48171
was published
Aug 12, 2024
ProTip!
Advisories are also available from the
GraphQL API