GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,056
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,618
NuGet: 638
pip: 3,231
Pub: 10
RubyGems: 854
Rust: 817
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
257 advisories
In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows...
Critical | Unreviewed | CVE-2024-2005 was published Mar 6, 2024

An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01...
Critical | Unreviewed | CVE-2023-38944 was published Mar 6, 2024

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" ...
Critical | Unreviewed | CVE-2024-25847 was published Mar 3, 2024

An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain...
Critical | Unreviewed | CVE-2023-47132 was published Feb 9, 2024

HashiCorp Vault Improper Privilege Management
Critical | CVE-2020-10661 was published for github.com/hashicorp/vault/vault (Go), Jan 30, 2024

An issue in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to...
Critical | Unreviewed | CVE-2024-22922 was published Jan 26, 2024

Arbitrary remote code execution within `wrangler dev` Workers sandbox
Critical | CVE-2023-7080 was published for wrangler (npm), Jan 3, 2024

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access...
Critical | Unreviewed | CVE-2023-48418 was published Jan 3, 2024

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in...
Critical | Unreviewed | CVE-2023-48419 was published Jan 2, 2024

An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard...
Critical | Unreviewed | CVE-2023-47267 was published Dec 20, 2023

Improper Privilege Management in sap-xssec
Critical | GHSA-6mjg-37cp-42x5 was published for sap-xssec (pip), Dec 13, 2023

Improper Privilege Management in github.com/sap/cloud-security-client-go
Critical | GHSA-m8rw-rcpq-2vp2 was published for github.com/sap/cloud-security-client-go (Go), Dec 13, 2023

Improper JWT Signature Validation in SAP Security Services Library
Critical | GHSA-59c9-pxq8-9c73 was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven), Dec 13, 2023

Privilege escalation in sap-xssec
Critical | CVE-2023-50423 was published for sap-xssec (pip), Dec 12, 2023

Escalation of privileges in @sap/xssec
Critical | CVE-2023-49583 was published for @sap/xssec (npm), Dec 12, 2023

Improper JWT Signature Validation in SAP Security Services Library
Critical | CVE-2023-50422 was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven), Dec 12, 2023

Privilege escalation in sap/cloud-security-client-go
Critical | CVE-2023-50424 was published for github.com/sap/cloud-security-client-go (Go), Dec 12, 2023

Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation....
Critical | Unreviewed | CVE-2023-41807 was published Nov 23, 2023

A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older...
Critical | Unreviewed | CVE-2023-39335 was published Nov 15, 2023

Protection mechanism failure in some Intel DCM software before version 5.2 may allow an...
Critical | Unreviewed | CVE-2023-31273 was published Nov 14, 2023

A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software...
Critical | Unreviewed | CVE-2023-20048 was published Nov 1, 2023

Vulnerability of permissions not being strictly verified in the window management module...
Critical | Unreviewed | CVE-2023-44105 was published Oct 11, 2023

Puppet Bolt privilege escalation vulnerability
Critical | CVE-2023-5214 was published for bolt (RubyGems), Oct 6, 2023

A CWE-269: Improper Privilege Management vulnerability exists that could cause a local privilege...
Critical | Unreviewed | CVE-2023-5402 was published Oct 4, 2023

SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges
Critical | Unreviewed | CVE-2023-39375 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API.