Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

871 advisories

Loading
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... Moderate Unreviewed
CVE-2024-7890 was published Sep 12, 2024
Improper Access Control in Apache Airflow Moderate
CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021
sunSUNQ
Improper Authentication in Apache Airflow Moderate
CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a... Moderate Unreviewed
CVE-2024-34457 was published Jul 22, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www... Moderate Unreviewed
CVE-2024-6325 was published Jul 16, 2024
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A... Moderate Unreviewed
CVE-2024-39574 was published Sep 10, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51429 was published Dec 29, 2023
Calico privilege escalation vulnerability Moderate
CVE-2024-33522 was published for github.com/projectcalico/calico (Go) Apr 30, 2024
Supplementary groups are not set up properly in github.com/containerd/containerd Moderate
CVE-2023-25173 was published for github.com/containerd/containerd (Go) Feb 16, 2023
Celery local privilege escalation vulnerability Moderate
CVE-2011-4356 was published for celery (pip) May 17, 2022
Improper Privilege Management vulnerability in SAMPA? Holding AKOS allows Collect Data as... Moderate Unreviewed
CVE-2024-4259 was published Sep 3, 2024
Permission control vulnerability in the window management module. Successful exploitation of this... Moderate Unreviewed
CVE-2023-46756 was published Nov 8, 2023
Improper Privilege Management in apache-airflow Moderate
CVE-2021-45230 was published for apache-airflow (pip) Jan 28, 2022
Improper Privilege Management vulnerability in Menulux Information Technologies Managment Portal... Moderate Unreviewed
CVE-2024-4428 was published Aug 29, 2024
there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic... Moderate Unreviewed
CVE-2023-48406 was published Dec 8, 2023
Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low... Moderate Unreviewed
CVE-2022-4264 was published Dec 9, 2022
Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3... Moderate Unreviewed
CVE-2022-1606 was published Nov 30, 2022
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access Moderate
CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024
Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP... Moderate Unreviewed
CVE-2024-32918 was published Jun 13, 2024
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software... Moderate Unreviewed
CVE-2022-41700 was published Nov 14, 2023
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom... Moderate Unreviewed
CVE-2024-42440 was published Aug 14, 2024
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom... Moderate Unreviewed
CVE-2024-42441 was published Aug 14, 2024
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a... Moderate Unreviewed
CVE-2024-6758 was published Aug 12, 2024
An Improper access control vulnerability was found in Avaya Aura System Manager which could allow... Moderate Unreviewed
CVE-2024-7480 was published Aug 8, 2024
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate... Moderate Unreviewed
CVE-2024-6908 was published Jul 19, 2024
ProTip! Advisories are also available from the GraphQL API