Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

257 advisories

Loading
In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows... Critical Unreviewed
CVE-2024-2005 was published Mar 6, 2024
An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01... Critical Unreviewed
CVE-2023-38944 was published Mar 6, 2024
SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" ... Critical Unreviewed
CVE-2024-25847 was published Mar 3, 2024
An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain... Critical Unreviewed
CVE-2023-47132 was published Feb 9, 2024
HashiCorp Vault Improper Privilege Management Critical
CVE-2020-10661 was published for github.com/hashicorp/vault/vault (Go) Jan 30, 2024
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to... Critical Unreviewed
CVE-2024-22922 was published Jan 26, 2024
Arbitrary remote code execution within `wrangler dev` Workers sandbox Critical
CVE-2023-7080 was published for wrangler (npm) Jan 3, 2024
Lekensteyn
 In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a     possible way to access... Critical Unreviewed
CVE-2023-48418 was published Jan 3, 2024
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in... Critical Unreviewed
CVE-2023-48419 was published Jan 2, 2024
An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard... Critical Unreviewed
CVE-2023-47267 was published Dec 20, 2023
Improper Privilege Management in sap-xssec Critical
GHSA-6mjg-37cp-42x5 was published for sap-xssec (pip) Dec 13, 2023
rosenblueh
Improper Privilege Management in github.com/sap/cloud-security-client-go Critical
GHSA-m8rw-rcpq-2vp2 was published for github.com/sap/cloud-security-client-go (Go) Dec 13, 2023
Improper JWT Signature Validation in SAP Security Services Library Critical
GHSA-59c9-pxq8-9c73 was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven) Dec 13, 2023
rosenblueh
Privilege escalation in sap-xssec Critical
CVE-2023-50423 was published for sap-xssec (pip) Dec 12, 2023
Escalation of privileges in @sap/xssec Critical
CVE-2023-49583 was published for @sap/xssec (npm) Dec 12, 2023
leon-vg
Improper JWT Signature Validation in SAP Security Services Library Critical
CVE-2023-50422 was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven) Dec 12, 2023
Privilege escalation in sap/cloud-security-client-go Critical
CVE-2023-50424 was published for github.com/sap/cloud-security-client-go (Go) Dec 12, 2023
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation.... Critical Unreviewed
CVE-2023-41807 was published Nov 23, 2023
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older... Critical Unreviewed
CVE-2023-39335 was published Nov 15, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an... Critical Unreviewed
CVE-2023-31273 was published Nov 14, 2023
A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software... Critical Unreviewed
CVE-2023-20048 was published Nov 1, 2023
Vulnerability of permissions not being strictly verified in the window management module... Critical Unreviewed
CVE-2023-44105 was published Oct 11, 2023
Puppet Bolt privilege escalation vulnerability Critical
CVE-2023-5214 was published for bolt (RubyGems) Oct 6, 2023
A?CWE-269: Improper Privilege Management vulnerability exists?that could cause?a local privilege... Critical Unreviewed
CVE-2023-5402 was published Oct 4, 2023
SiberianCMS - CWE-274: Improper Handling of Insufficient Privileges Critical Unreviewed
CVE-2023-39375 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API