Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

883 advisories

Loading
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51429 was published Dec 29, 2023
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A... Moderate Unreviewed
CVE-2024-39574 was published Sep 10, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www... Moderate Unreviewed
CVE-2024-6325 was published Jul 16, 2024
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a... Moderate Unreviewed
CVE-2024-34457 was published Jul 22, 2024
Improper Authentication in Apache Airflow Moderate
CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
Improper Access Control in Apache Airflow Moderate
CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021
sunSUNQ
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow... Moderate Unreviewed
CVE-2023-5080 was published Jan 19, 2024
HashiCorp Vault Improper Privilege Management Moderate
CVE-2020-10660 was published for github.com/hashicorp/vault (Go) Jan 30, 2024
andrewpollock
Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5... Moderate Unreviewed
CVE-2024-27247 was published Apr 9, 2024
Improper privilege management in the installer for Zoom Desktop Client for Windows before version... Moderate Unreviewed
CVE-2024-24694 was published Apr 9, 2024
Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2,... Moderate Unreviewed
CVE-2024-39342 was published Sep 23, 2024
Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain... Moderate Unreviewed
CVE-2024-44540 was published Sep 23, 2024
This vulnerability allows local attackers to escalate privileges on affected installations of... Moderate Unreviewed
CVE-2023-6006 was published Nov 14, 2023
The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker... Moderate Unreviewed
CVE-2023-42468 was published Sep 13, 2023
In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general... Moderate Unreviewed
CVE-2023-35671 was published Sep 11, 2023
An improper privilege management vulnerability allowed arbitrary workflows to be committed using... Moderate Unreviewed
CVE-2024-8263 was published Sep 23, 2024
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
Wago web-based management of multiple products has a vulnerability which allows an local... Moderate Unreviewed
CVE-2023-3379 was published Nov 20, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15... Moderate Unreviewed
CVE-2023-2485 was published Jun 7, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2... Moderate Unreviewed
CVE-2024-1250 was published Feb 12, 2024
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4... Moderate Unreviewed
CVE-2023-3907 was published Dec 18, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6... Moderate Unreviewed
CVE-2023-6477 was published Feb 22, 2024
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate... Moderate Unreviewed
CVE-2024-45919 was published Oct 7, 2024
An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing... Moderate Unreviewed
CVE-2024-44439 was published Oct 4, 2024
VMware NSX contains a local privilege escalation vulnerability.  An authenticated malicious... Moderate Unreviewed
CVE-2024-38818 was published Oct 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database