Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

257 advisories

Loading
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code... Critical Unreviewed
CVE-2023-4662 was published Sep 15, 2023
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows ... Critical Unreviewed
CVE-2023-36657 was published Sep 15, 2023
An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering... Critical Unreviewed
CVE-2023-31175 was published Aug 31, 2023
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a... Critical Unreviewed
CVE-2019-13690 was published Aug 25, 2023
The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed
CVE-2023-4404 was published Aug 23, 2023
IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable... Critical Unreviewed
CVE-2023-38734 was published Aug 23, 2023
An issue was discovered in getRememberedSerializedIdentity function in CookieRememberMeManager... Critical Unreviewed
CVE-2021-28411 was published Aug 11, 2023
KubePi Privilege Escalation vulnerability Critical
CVE-2023-37917 was published for github.com/KubeOperator/kubepi (Go) Jul 21, 2023
ch1nhpd
The MStore API WordPress plugin before 3.9.9 does not prevent visitors from creating user... Critical Unreviewed
CVE-2023-3076 was published Jul 10, 2023
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0635 was published Jul 6, 2023
Apache InLong Improper Privilege Management vulnerability Critical
CVE-2023-31062 was published for org.apache.inlong:manager-dao (Maven) Jul 6, 2023
Use After Free (UAF) vulnerability in the uinput module.Successful exploitation of this... Critical Unreviewed
CVE-2021-46894 was published Jul 6, 2023
The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user... Critical Unreviewed
CVE-2023-3460 was published Jul 4, 2023
XWiki Platform's Mail.MailConfig can be edited by any user with edit rights Critical
CVE-2023-34465 was published for org.xwiki.platform:xwiki-platform-mail-send-default (Maven) Jun 20, 2023
Rancher vulnerable to Privilege Escalation via manipulation of Secrets Critical
CVE-2023-22647 was published for rancher/rancher (Go) Jun 6, 2023
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in... Critical Unreviewed
CVE-2023-32713 was published Jun 1, 2023
An issue found in edjing Mix v.7.09.01 for Android allows unauthorized apps to cause escalation... Critical Unreviewed
CVE-2023-29734 was published May 30, 2023
Code execution and sensitive information disclosure due to excessive privileges assigned to... Critical Unreviewed
CVE-2022-3405 was published May 3, 2023
Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges... Critical Unreviewed
CVE-2023-1966 was published Apr 28, 2023
Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local... Critical Unreviewed
CVE-2023-25133 was published Apr 24, 2023
Apache Spark vulnerable to Improper Privilege Management Critical
CVE-2023-22946 was published for org.apache.spark:spark-core_2.12 (Maven) Apr 17, 2023
pan3793
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via... Critical Unreviewed
CVE-2023-27830 was published Apr 12, 2023
xwiki-platform vulnerable to Remote Code Execution in Annotations Critical
CVE-2023-26475 was published for org.xwiki.platform:xwiki-platform-annotation-ui (Maven) Mar 2, 2023
renniepak
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x, contains an Improper Handling of Insufficient Privileges... Critical Unreviewed
CVE-2022-45101 was published Feb 1, 2023
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure... Critical Unreviewed
CVE-2022-4305 was published Jan 23, 2023
ProTip! Advisories are also available from the GraphQL API