Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

871 advisories

Loading
An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute... Moderate Unreviewed
CVE-2024-33393 was published May 1, 2024
Calico privilege escalation vulnerability Moderate
CVE-2024-33522 was published for github.com/projectcalico/calico (Go) Apr 30, 2024
By default, SANnav OVA is shipped with root user login enabled. While protected by a password,... Moderate Unreviewed
CVE-2024-2859 was published Apr 27, 2024
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that... Moderate Unreviewed
CVE-2024-3470 was published Apr 19, 2024
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an... Moderate Unreviewed
CVE-2024-3388 was published Apr 10, 2024
Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5... Moderate Unreviewed
CVE-2024-27247 was published Apr 9, 2024
Improper privilege management in the installer for Zoom Desktop Client for Windows before version... Moderate Unreviewed
CVE-2024-24694 was published Apr 9, 2024
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid... Moderate Unreviewed
CVE-2024-20282 was published Apr 3, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management... Moderate Unreviewed
CVE-2024-25961 was published Mar 28, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-26247 was published Mar 23, 2024
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with... Moderate Unreviewed
CVE-2023-47715 was published Mar 21, 2024
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that... Moderate Unreviewed
CVE-2024-1908 was published Mar 21, 2024
Users with `create` but not `override` privileges can perform local sync Moderate
CVE-2023-50726 was published for github.com/argoproj/argo-cd (Go) Mar 15, 2024
crenshaw-dev
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the... Moderate Unreviewed
CVE-2024-2431 was published Mar 13, 2024
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an... Moderate Unreviewed
CVE-2024-2433 was published Mar 13, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-2432 was published Mar 13, 2024
A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2024-20262 was published Mar 13, 2024
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds... Moderate Unreviewed
CVE-2024-25987 was published Mar 11, 2024
In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of... Moderate Unreviewed
CVE-2024-25990 was published Mar 11, 2024
Grafana's users with permissions to create a data source can CRUD all data sources Moderate
CVE-2024-1442 was published for github.com/grafana/grafana (Go) Mar 7, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6... Moderate Unreviewed
CVE-2023-6477 was published Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2... Moderate Unreviewed
CVE-2024-1250 was published Feb 12, 2024
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client... Moderate Unreviewed
CVE-2024-23764 was published Feb 8, 2024
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user... Moderate Unreviewed
CVE-2024-22239 was published Feb 6, 2024
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion... Moderate Unreviewed
CVE-2023-28049 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API