GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,370 advisories
Filter by severity
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-9941
was published
Nov 23, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege...
Critical
Unreviewed
CVE-2024-9478
was published
Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege...
Critical
Unreviewed
CVE-2024-9479
was published
Nov 20, 2024
Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
Moderate
CVE-2024-31141
was published
for
org.apache.kafka:kafka-clients
(Maven)
Nov 19, 2024
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow...
Moderate
Unreviewed
CVE-2020-26063
was published
Nov 18, 2024
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9192
was published
Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by...
High
Unreviewed
CVE-2024-9500
was published
Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to...
High
Unreviewed
CVE-2024-11206
was published
Nov 14, 2024
Privilege escalation to NetworkService Account access in Citrix Session Recording when an...
Moderate
Unreviewed
CVE-2024-8068
was published
Nov 12, 2024
Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data...
Critical
Unreviewed
CVE-2024-8074
was published
Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an...
High
Unreviewed
CVE-2024-49558
was published
Nov 12, 2024
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege...
High
Unreviewed
CVE-2024-24409
was published
Nov 8, 2024
A GitHub App installed in organizations could upgrade some permissions from read to write access...
High
Unreviewed
CVE-2024-8810
was published
Nov 8, 2024
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on...
High
Unreviewed
CVE-2024-8424
was published
Nov 8, 2024
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are...
High
Unreviewed
CVE-2024-10203
was published
Nov 7, 2024
Input parameter verification vulnerability in the background service module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-51521
was published
Nov 5, 2024
Access control vulnerable to user data deletion by anonynmous users
Moderate
CVE-2024-51734
was published
for
AccessControl
(pip)
Nov 4, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists
Critical
GHSA-x7xj-jvwp-97rv
was published
for
github.com/rancher/rke2
(Go)
Oct 25, 2024
Rancher Remote Code Execution via Cluster/Node Drivers
Critical
CVE-2024-22036
was published
for
github.com/rancher/rancher
(Go)
Oct 25, 2024
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists
Critical
CVE-2023-32197
was published
for
github.com/rancher/rancher
(Go)
Oct 25, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate
Unreviewed
CVE-2024-20374
was published
Oct 23, 2024
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for...
Moderate
Unreviewed
CVE-2023-25535
was published
Oct 17, 2024
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit...
Moderate
Unreviewed
CVE-2024-45461
was published
Oct 16, 2024
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access,...
High
Unreviewed
CVE-2024-9002
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API