GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,288 advisories
Filter by severity
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP...
Moderate
Unreviewed
CVE-2024-32918
was published
Jun 13, 2024
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an...
High
Unreviewed
CVE-2024-29784
was published
Jun 13, 2024
AdGuardHome privilege escalation vulnerability
High
CVE-2024-36586
was published
for
github.com/AdguardTeam/AdGuardHome
(Go)
Jun 13, 2024
An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate...
High
Unreviewed
CVE-2024-37665
was published
Jun 12, 2024
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate
Unreviewed
CVE-2024-5909
was published
Jun 12, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate
Unreviewed
CVE-2024-5907
was published
Jun 12, 2024
An improper privilege management vulnerability exists in Tenable Security Center where an...
Moderate
Unreviewed
CVE-2024-5759
was published
Jun 12, 2024
Keycloak's admin API allows low privilege users to use administrative functions
High
CVE-2024-3656
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 11, 2024
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11...
Moderate
Unreviewed
CVE-2024-33500
was published
Jun 11, 2024
Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that...
High
Unreviewed
CVE-2024-32849
was published
Jun 11, 2024
The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS...
High
Unreviewed
CVE-2024-27811
was published
Jun 10, 2024
An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to...
High
Unreviewed
CVE-2024-34332
was published
Jun 10, 2024
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows...
Moderate
Unreviewed
CVE-2024-37364
was published
Jun 6, 2024
Privilege Escalation in TYPO3 CMS
Moderate
GHSA-v5jp-4h2p-j2p4
was published
for
typo3/cms
(Composer)
Jun 5, 2024
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-35700
was published
Jun 4, 2024
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege...
High
Unreviewed
CVE-2023-47837
was published
Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the SUID...
Moderate
Unreviewed
CVE-2024-29975
was published
Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED **
The improper privilege management vulnerability in the command ...
Moderate
Unreviewed
CVE-2024-29976
was published
Jun 4, 2024
Improper privilege management vulnerability in Astrotalks affecting version 10/03/2023. This...
High
Unreviewed
CVE-2024-5525
was published
May 31, 2024
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts
High
GHSA-4r76-xr68-w7m7
was published
for
typo3/cms
(Composer)
May 30, 2024
TYPO3 Broken Access Control in Localization Handling
Moderate
GHSA-9rx9-7fmh-gj3g
was published
for
typo3/cms-core
(Composer)
May 30, 2024
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated...
High
Unreviewed
CVE-2024-27264
was published
May 22, 2024
Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their...
High
Unreviewed
CVE-2024-36077
was published
May 22, 2024
An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows...
High
Unreviewed
CVE-2024-33223
was published
May 22, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0...
Critical
Unreviewed
CVE-2024-33226
was published
May 22, 2024
ProTip!
Advisories are also available from the
GraphQL API