Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,288 advisories

Loading
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP... Moderate Unreviewed
CVE-2024-32918 was published Jun 13, 2024
In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-29784 was published Jun 13, 2024
AdGuardHome privilege escalation vulnerability High
CVE-2024-36586 was published for github.com/AdguardTeam/AdGuardHome (Go) Jun 13, 2024
An access control issue in Wvp GB28181 Pro 2.0 allows authenticated attackers to escalate... High Unreviewed
CVE-2024-37665 was published Jun 12, 2024
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows... Moderate Unreviewed
CVE-2024-5909 was published Jun 12, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows... Moderate Unreviewed
CVE-2024-5907 was published Jun 12, 2024
An improper privilege management vulnerability exists in Tenable Security Center where an... Moderate Unreviewed
CVE-2024-5759 was published Jun 12, 2024
Keycloak's admin API allows low privilege users to use administrative functions High
CVE-2024-3656 was published for org.keycloak:keycloak-services (Maven) Jun 11, 2024
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11... Moderate Unreviewed
CVE-2024-33500 was published Jun 11, 2024
Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that... High Unreviewed
CVE-2024-32849 was published Jun 11, 2024
The issue was addressed with improved checks. This issue is fixed in tvOS 17.5, visionOS 1.2, iOS... High Unreviewed
CVE-2024-27811 was published Jun 10, 2024
An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to... High Unreviewed
CVE-2024-34332 was published Jun 10, 2024
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows... Moderate Unreviewed
CVE-2024-37364 was published Jun 6, 2024
Privilege Escalation in TYPO3 CMS Moderate
GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) Jun 5, 2024
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation... Critical Unreviewed
CVE-2024-35700 was published Jun 4, 2024
Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege... High Unreviewed
CVE-2023-47837 was published Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID... Moderate Unreviewed
CVE-2024-29975 was published Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command ... Moderate Unreviewed
CVE-2024-29976 was published Jun 4, 2024
Improper privilege management vulnerability in Astrotalks affecting version 10/03/2023. This... High Unreviewed
CVE-2024-5525 was published May 31, 2024
TYPO3 may allow editors to change, create, or delete metadata of files not within their file mounts High
GHSA-4r76-xr68-w7m7 was published for typo3/cms (Composer) May 30, 2024
TYPO3 Broken Access Control in Localization Handling Moderate
GHSA-9rx9-7fmh-gj3g was published for typo3/cms-core (Composer) May 30, 2024
IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated... High Unreviewed
CVE-2024-27264 was published May 22, 2024
Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their... High Unreviewed
CVE-2024-36077 was published May 22, 2024
An issue in the component IOMap64.sys of ASUSTeK Computer Inc ASUS GPU TweakII v1.4.5.2 allows... High Unreviewed
CVE-2024-33223 was published May 22, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0... Critical Unreviewed
CVE-2024-33226 was published May 22, 2024
ProTip! Advisories are also available from the GraphQL API