Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

871 advisories

Loading
Insecure Permissions vulnerability in Micro-Star International Co., Ltd MSI Center v.2.0.36.0... Moderate Unreviewed
CVE-2024-37726 was published Jul 3, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management... Moderate Unreviewed
CVE-2024-37126 was published Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management... Moderate Unreviewed
CVE-2024-37133 was published Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management... Moderate Unreviewed
CVE-2024-32854 was published Jul 2, 2024
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce... Moderate Unreviewed
CVE-2024-4390 was published Jun 20, 2024
Rancher's External RoleTemplates can lead to privilege escalation Moderate
CVE-2023-32196 was published for github.com/rancher/rancher (Go) Jun 17, 2024
Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful... Moderate Unreviewed
CVE-2024-36499 was published Jun 14, 2024
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP... Moderate Unreviewed
CVE-2024-32918 was published Jun 13, 2024
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows... Moderate Unreviewed
CVE-2024-5909 was published Jun 12, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows... Moderate Unreviewed
CVE-2024-5907 was published Jun 12, 2024
An improper privilege management vulnerability exists in Tenable Security Center where an... Moderate Unreviewed
CVE-2024-5759 was published Jun 12, 2024
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11... Moderate Unreviewed
CVE-2024-33500 was published Jun 11, 2024
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows... Moderate Unreviewed
CVE-2024-37364 was published Jun 6, 2024
Privilege Escalation in TYPO3 CMS Moderate
GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) Jun 5, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID... Moderate Unreviewed
CVE-2024-29975 was published Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command ... Moderate Unreviewed
CVE-2024-29976 was published Jun 4, 2024
TYPO3 Broken Access Control in Localization Handling Moderate
GHSA-9rx9-7fmh-gj3g was published for typo3/cms-core (Composer) May 30, 2024
Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows... Moderate Unreviewed
CVE-2023-48319 was published May 17, 2024
Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024... Moderate Unreviewed
CVE-2023-45320 was published May 16, 2024
Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an... Moderate Unreviewed
CVE-2023-40155 was published May 16, 2024
Reportico Web fails to invalidate cookies upon logout Moderate
CVE-2024-31556 was published for reportico-web/reportico (Composer) May 14, 2024
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with... Moderate Unreviewed
CVE-2024-31953 was published May 14, 2024
Neo4j Cypher component mishandles IMMUTABLE privileges Moderate
CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) May 7, 2024
irene221b
In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic... Moderate Unreviewed
CVE-2024-20021 was published May 6, 2024
Jenkins Git server Plugin does not perform a permission check Moderate
CVE-2024-34146 was published for org.jenkins-ci.plugins:git-server (Maven) May 2, 2024
ProTip! Advisories are also available from the GraphQL API