GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
871 advisories
Insecure Permissions vulnerability in Micro-Star International Co., Ltd MSI Center v.2.0.36.0... (Moderate, Unreviewed) CVE-2024-37726 was published Jul 3, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management... (Moderate, Unreviewed) CVE-2024-37126 was published Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management... (Moderate, Unreviewed) CVE-2024-37133 was published Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management... (Moderate, Unreviewed) CVE-2024-32854 was published Jul 2, 2024
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce... (Moderate, Unreviewed) CVE-2024-4390 was published Jun 20, 2024
Rancher's External RoleTemplates can lead to privilege escalation (Moderate) CVE-2023-32196 was published for github.com/rancher/rancher (Go) Jun 17, 2024
Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful... (Moderate, Unreviewed) CVE-2024-36499 was published Jun 14, 2024
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP... (Moderate, Unreviewed) CVE-2024-32918 was published Jun 13, 2024
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows... (Moderate, Unreviewed) CVE-2024-5909 was published Jun 12, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows... (Moderate, Unreviewed) CVE-2024-5907 was published Jun 12, 2024
An improper privilege management vulnerability exists in Tenable Security Center where an... (Moderate, Unreviewed) CVE-2024-5759 was published Jun 12, 2024
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11... (Moderate, Unreviewed) CVE-2024-33500 was published Jun 11, 2024
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows... (Moderate, Unreviewed) CVE-2024-37364 was published Jun 6, 2024
Privilege Escalation in TYPO3 CMS (Moderate) GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) Jun 5, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID... (Moderate, Unreviewed) CVE-2024-29975 was published Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command ... (Moderate, Unreviewed) CVE-2024-29976 was published Jun 4, 2024
TYPO3 Broken Access Control in Localization Handling (Moderate) GHSA-9rx9-7fmh-gj3g was published for typo3/cms-core (Composer) May 30, 2024
Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows... (Moderate, Unreviewed) CVE-2023-48319 was published May 17, 2024
Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024... (Moderate, Unreviewed) CVE-2023-45320 was published May 16, 2024
Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an... (Moderate, Unreviewed) CVE-2023-40155 was published May 16, 2024
Reportico Web fails to invalidate cookies upon logout (Moderate) CVE-2024-31556 was published for reportico-web/reportico (Composer) May 14, 2024
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with... (Moderate, Unreviewed) CVE-2024-31953 was published May 14, 2024
Neo4j Cypher component mishandles IMMUTABLE privileges (Moderate) CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) May 7, 2024
In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic... (Moderate, Unreviewed) CVE-2024-20021 was published May 6, 2024
Jenkins Git server Plugin does not perform a permission check (Moderate) CVE-2024-34146 was published for org.jenkins-ci.plugins:git-server (Maven) May 2, 2024
ProTip! Advisories are also available from the GraphQL API