GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
871 advisories
Wago web-based management of multiple products has a vulnerability which allows an local...
  Moderate, Unreviewed. CVE-2023-3379 was published Nov 20, 2023.

An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27...
  Moderate, Unreviewed. CVE-2023-6119 was published Nov 16, 2023.

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in...
  Moderate, Unreviewed. CVE-2023-44292 was published Nov 16, 2023.

Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in...
  Moderate, Unreviewed. CVE-2023-44282 was published Nov 16, 2023.

Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software...
  Moderate, Unreviewed. CVE-2022-41700 was published Nov 14, 2023.

The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version...
  Moderate, Unreviewed. CVE-2023-35140 was published Nov 14, 2023.

This vulnerability allows local attackers to escalate privileges on affected installations of...
  Moderate, Unreviewed. CVE-2023-6006 was published Nov 14, 2023.

Moodle Improper Access Control vulnerability
  Moderate. CVE-2023-5549 was published for moodle/moodle (Composer) Nov 9, 2023.

Permission control vulnerability in the window management module. Successful exploitation of this...
  Moderate, Unreviewed. CVE-2023-46756 was published Nov 8, 2023.

IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that...
  Moderate, Unreviewed. CVE-2023-43018 was published Nov 3, 2023.

Under certain conditions, a low privileged attacker could load a specially crafted file during...
  Moderate, Unreviewed. CVE-2023-5847 was published Nov 1, 2023.

Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled...
  Moderate, Unreviewed. CVE-2021-26734 was published Oct 23, 2023.

Grafana privilege escalation vulnerability
  Moderate. CVE-2023-4822 was published for github.com/grafana/grafana (Go) Oct 16, 2023.

In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to...
  Moderate, Unreviewed. CVE-2023-4834 was published Oct 16, 2023.

PrestaShop allows users to uninstall modules from backoffice, even with low rights
  Moderate. CVE-2023-43663 was published for prestashop/prestashop (Composer) Sep 28, 2023.

PrestaShop allows employee without any access rights to list all installed modules
  Moderate. CVE-2023-43664 was published for prestashop/prestashop (Composer) Sep 28, 2023.

Permission control vulnerability in the audio module. Successful exploitation of this...
  Moderate, Unreviewed. CVE-2023-41312 was published Sep 27, 2023.

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor...
  Moderate, Unreviewed. CVE-2023-34043 was published Sep 27, 2023.

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated,...
  Moderate, Unreviewed. CVE-2023-20193 was published Sep 7, 2023.

A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read...
  Moderate, Unreviewed. CVE-2023-20194 was published Sep 7, 2023.

Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows...
  Moderate, Unreviewed. CVE-2023-30716 was published Sep 6, 2023.

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep...
  Moderate, Unreviewed. CVE-2023-30713 was published Sep 6, 2023.

An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an...
  Moderate, Unreviewed. CVE-2023-3699 was published Aug 22, 2023.

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high...
  Moderate, Unreviewed. CVE-2023-32490 was published Aug 16, 2023.

The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to...
  Moderate, Unreviewed. CVE-2023-4293 was published Aug 12, 2023.
ProTip! Advisories are also available from the GraphQL API.