GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,288 advisories
Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App...
High | Unreviewed | CVE-2023-4993 was published Feb 15, 2024

Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows...
High | Unreviewed | CVE-2023-6150 was published Nov 28, 2023

Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows...
High | Unreviewed | CVE-2023-6151 was published Nov 28, 2023

Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as...
High | Unreviewed | CVE-2023-4972 was published Sep 14, 2023

Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39...
High | Unreviewed | CVE-2023-6735 was published Jan 12, 2024

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative...
Critical | Unreviewed | CVE-2024-36439 was published Aug 22, 2024

An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel...
High | Unreviewed | CVE-2024-42774 was published Aug 22, 2024

An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0...
Critical | Unreviewed | CVE-2024-33226 was published May 22, 2024

An issue in SUPERAntiSpyware Professional X 10.0.1262 and 10.0.1264 allows unprivileged attackers...
High | Unreviewed | CVE-2024-27518 was published Apr 29, 2024

In the Windows installer in Atos Eviden CardOS API before 5.5.5.2811, Local Privilege Escalation...
High | Unreviewed | CVE-2023-41099 was published Mar 22, 2024

An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM"...
High | Unreviewed | CVE-2024-25842 was published Mar 3, 2024

The DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack...
High | Unreviewed | CVE-2024-33656 was published Aug 21, 2024

Kanister vulnerable to cluster-level privilege escalation
High | CVE-2024-43403 was published for github.com/kanisterio/kanister (Go) Aug 20, 2024

An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate...
High | Unreviewed | CVE-2024-37665 was published Jun 12, 2024

An issue in Eskooly Free Online School management Software v.3.0 and before allows a remote...
High | Unreviewed | CVE-2024-27711 was published Jul 5, 2024

A vulnerability found in OpenText Privileged Access Manager that issues a token. On successful...
High | Unreviewed | CVE-2020-11846 was published Aug 21, 2024

Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation...
High | Unreviewed | CVE-2023-22576 was published Aug 21, 2024

The mobile application (com.transsion.videocallenhancer) interface has improper permission...
High | Unreviewed | CVE-2024-4988 was published May 21, 2024

Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could...
Critical | Unreviewed | CVE-2024-33872 was published Aug 20, 2024

In XWiki Platform, payloads stored in content are executed when a user with script/programming right edits them
Critical | CVE-2024-43401 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 19, 2024

Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access
Moderate | CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024

In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due...
High | Unreviewed | CVE-2024-34743 was published Aug 16, 2024

An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01...
Critical | Unreviewed | CVE-2023-38944 was published Mar 6, 2024

Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege...
Critical | Unreviewed | CVE-2024-43311 was published Aug 19, 2024

Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege...
Critical | Unreviewed | CVE-2024-43240 was published Aug 19, 2024
ProTip! Advisories are also available from the GraphQL API.