Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,288 advisories

Loading
Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed
CVE-2023-4993 was published Feb 15, 2024
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows... High Unreviewed
CVE-2023-6150 was published Nov 28, 2023
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows... High Unreviewed
CVE-2023-6151 was published Nov 28, 2023
Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as... High Unreviewed
CVE-2023-4972 was published Sep 14, 2023
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative... Critical Unreviewed
CVE-2024-36439 was published Aug 22, 2024
An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel... High Unreviewed
CVE-2024-42774 was published Aug 22, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0... Critical Unreviewed
CVE-2024-33226 was published May 22, 2024
An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 allows unprivileged attackers... High Unreviewed
CVE-2024-27518 was published Apr 29, 2024
In the Windows installer in Atos Eviden CardOS API before 5.5.5.2811, Local Privilege Escalation... High Unreviewed
CVE-2023-41099 was published Mar 22, 2024
An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM" ... High Unreviewed
CVE-2024-25842 was published Mar 3, 2024
The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack... High Unreviewed
CVE-2024-33656 was published Aug 21, 2024
Kanister vulnerable to cluster-level privilege escalation High
CVE-2024-43403 was published for github.com/kanisterio/kanister (Go) Aug 20, 2024
younaman
An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate... High Unreviewed
CVE-2024-37665 was published Jun 12, 2024
An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote... High Unreviewed
CVE-2024-27711 was published Jul 5, 2024
A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful... High Unreviewed
CVE-2020-11846 was published Aug 21, 2024
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation... High Unreviewed
CVE-2023-22576 was published Aug 21, 2024
The mobile application (com.transsion.videocallenhancer) interface has improper permission... High Unreviewed
CVE-2024-4988 was published May 21, 2024
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could... Critical Unreviewed
CVE-2024-33872 was published Aug 20, 2024
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them Critical
CVE-2024-43401 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 19, 2024
floerer
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access Moderate
CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due... High Unreviewed
CVE-2024-34743 was published Aug 16, 2024
An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01... Critical Unreviewed
CVE-2023-38944 was published Mar 6, 2024
Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege... Critical Unreviewed
CVE-2024-43311 was published Aug 19, 2024
Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege... Critical Unreviewed
CVE-2024-43240 was published Aug 19, 2024
ProTip! Advisories are also available from the GraphQL API