GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
871 advisories
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
Moderate | Unreviewed | CVE-2024-7890 was published Sep 12, 2024

Improper Access Control in Apache Airflow
Moderate | CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021

Improper Authentication in Apache Airflow
Moderate | CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021

On versions before 2.1.4, after a regular user successfully logs in, they can manually make a...
Moderate | Unreviewed | CVE-2024-34457 was published Jul 22, 2024

The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www...
Moderate | Unreviewed | CVE-2024-6325 was published Jul 16, 2024

Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A...
Moderate | Unreviewed | CVE-2024-39574 was published Sep 10, 2024

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate | Unreviewed | CVE-2023-51429 was published Dec 29, 2023

Calico privilege escalation vulnerability
Moderate | CVE-2024-33522 was published for github.com/projectcalico/calico (Go) Apr 30, 2024

Supplementary groups are not set up properly in github.com/containerd/containerd
Moderate | CVE-2023-25173 was published for github.com/containerd/containerd (Go) Feb 16, 2023

Celery local privilege escalation vulnerability
Moderate | CVE-2011-4356 was published for celery (pip) May 17, 2022

Improper Privilege Management vulnerability in SAMPAŞ Holding AKOS allows Collect Data as...
Moderate | Unreviewed | CVE-2024-4259 was published Sep 3, 2024

Permission control vulnerability in the window management module. Successful exploitation of this...
Moderate | Unreviewed | CVE-2023-46756 was published Nov 8, 2023

Improper Privilege Management in apache-airflow
Moderate | CVE-2021-45230 was published for apache-airflow (pip) Jan 28, 2022

Improper Privilege Management vulnerability in Menulux Information Technologies Managment Portal...
Moderate | Unreviewed | CVE-2024-4428 was published Aug 29, 2024

There is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic...
Moderate | Unreviewed | CVE-2023-48406 was published Dec 8, 2023

Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low...
Moderate | Unreviewed | CVE-2022-4264 was published Dec 9, 2022

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3...
Moderate | Unreviewed | CVE-2022-1606 was published Nov 30, 2022

Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access
Moderate | CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024

Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP...
Moderate | Unreviewed | CVE-2024-32918 was published Jun 13, 2024

Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software...
Moderate | Unreviewed | CVE-2022-41700 was published Nov 14, 2023

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom...
Moderate | Unreviewed | CVE-2024-42440 was published Aug 14, 2024

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom...
Moderate | Unreviewed | CVE-2024-42441 was published Aug 14, 2024

Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a...
Moderate | Unreviewed | CVE-2024-6758 was published Aug 12, 2024

An Improper access control vulnerability was found in Avaya Aura System Manager which could allow...
Moderate | Unreviewed | CVE-2024-7480 was published Aug 8, 2024

Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate...
Moderate | Unreviewed | CVE-2024-6908 was published Jul 19, 2024
ProTip! Advisories are also available from the GraphQL API.