Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

871 advisories

Loading
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed
CVE-2023-31005 was published Feb 3, 2024
HashiCorp Vault Improper Privilege Management Moderate
CVE-2020-10660 was published for github.com/hashicorp/vault/vault (Go) Jan 30, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow... Moderate Unreviewed
CVE-2023-5080 was published Jan 19, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster Moderate
CVE-2023-30617 was published for github.com/openkruise/kruise (Go) Jan 5, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro Moderate Unreviewed
CVE-2023-41784 was published Jan 4, 2024
Craft CMS Privilege Escalation Moderate
CVE-2024-21622 was published for craftcms/cms (Composer) Jan 3, 2024
johnax0
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular... Moderate Unreviewed
CVE-2023-41776 was published Jan 3, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51430 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51429 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-23427 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-23438 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-23429 was published Dec 29, 2023
A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd... Moderate Unreviewed
CVE-2023-7090 was published Dec 24, 2023
Improper privilege management allowed arbitrary workflows to be committed and run using an... Moderate Unreviewed
CVE-2023-6804 was published Dec 21, 2023
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4... Moderate Unreviewed
CVE-2023-3907 was published Dec 18, 2023
An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed... Moderate Unreviewed
CVE-2023-6507 was published Dec 8, 2023
there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic... Moderate Unreviewed
CVE-2023-48406 was published Dec 8, 2023
An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability... Moderate Unreviewed
CVE-2023-45083 was published Dec 5, 2023
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series... Moderate Unreviewed
CVE-2023-5797 was published Nov 28, 2023
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series... Moderate Unreviewed
CVE-2023-37925 was published Nov 28, 2023
An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware... Moderate Unreviewed
CVE-2023-5650 was published Nov 28, 2023
An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX... Moderate Unreviewed
CVE-2023-5960 was published Nov 28, 2023
An issue was found with how API keys are created with the Fleet-Server service account. When an... Moderate Unreviewed
CVE-2021-37937 was published Nov 22, 2023
A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an... Moderate Unreviewed
CVE-2023-20274 was published Nov 21, 2023
ProTip! Advisories are also available from the GraphQL API