GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,288 advisories
Filter by severity
In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper...
High
Unreviewed
CVE-2024-40662
was published
Sep 11, 2024
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a...
Moderate
Unreviewed
CVE-2024-34457
was published
Jul 22, 2024
An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to...
Critical
Unreviewed
CVE-2024-44893
was published
Sep 10, 2024
Windows Installer Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38014
was published
Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37980
was published
Sep 10, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www...
Moderate
Unreviewed
CVE-2024-6325
was published
Jul 16, 2024
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A...
Moderate
Unreviewed
CVE-2024-39574
was published
Sep 10, 2024
The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows...
High
Unreviewed
CVE-2023-47101
was published
Oct 30, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-51429
was published
Dec 29, 2023
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
Calico privilege escalation vulnerability
Moderate
CVE-2024-33522
was published
for
github.com/projectcalico/calico
(Go)
Apr 30, 2024
Supplementary groups are not set up properly in github.com/containerd/containerd
Moderate
CVE-2023-25173
was published
for
github.com/containerd/containerd
(Go)
Feb 16, 2023
Vela Insecure Defaults
Critical
CVE-2022-39395
was published
for
github.com/go-vela/server
(Go)
Nov 9, 2022
In System UI, there is a possible factory reset protection bypass due to a logic error in the...
High
Unreviewed
CVE-2023-21374
was published
Oct 30, 2023
In Activity Manager, there is a possible background activity launch due to a logic error in the...
High
Unreviewed
CVE-2023-21396
was published
Oct 30, 2023
In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent...
High
Unreviewed
CVE-2023-21343
was published
Oct 30, 2023
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value....
High
Unreviewed
CVE-2023-21397
was published
Oct 30, 2023
Celery local privilege escalation vulnerability
Moderate
CVE-2011-4356
was published
for
celery
(pip)
May 17, 2022
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to...
Critical
Unreviewed
CVE-2024-7493
was published
Sep 6, 2024
The Newsletters plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
High
Unreviewed
CVE-2024-8247
was published
Sep 6, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper privilege...
High
Unreviewed
CVE-2024-45173
was published
Sep 5, 2024
Improper Privilege Management vulnerability in SAMPA? Holding AKOS allows Collect Data as...
Moderate
Unreviewed
CVE-2024-4259
was published
Sep 3, 2024
Security vulnerability in the face unlock module. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2023-46771
was published
Nov 8, 2023
The multi-screen interaction module has a vulnerability in permission management. Successful...
High
Unreviewed
CVE-2023-46758
was published
Nov 8, 2023
Permission control vulnerability in the window management module. Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-46756
was published
Nov 8, 2023
ProTip!
Advisories are also available from the
GraphQL API