GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
269 advisories
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via...
Critical
Unreviewed
CVE-2023-27830
was published
Apr 12, 2023
A malicious extension could have called `browser.identity.launchWebAuthFlow`,...
Critical
Unreviewed
CVE-2020-6823
was published
May 24, 2022
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120;...
Critical
Unreviewed
CVE-2019-16897
was published
May 24, 2022
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because...
Critical
Unreviewed
CVE-2016-10971
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and...
Critical
Unreviewed
CVE-2003-5001
was published
Mar 29, 2022
linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code.
Critical
Unreviewed
CVE-2006-4243
was published
Apr 21, 2022
In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows...
Critical
Unreviewed
CVE-2024-2005
was published
Mar 6, 2024
Cloud Foundry UAA privilege escalation with user invitations
Critical
CVE-2017-4992
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE...
Critical
Unreviewed
CVE-2021-34523
was published
May 24, 2022
OrientDB vulnerable to Improper Privilege Management leading to arbitrary command injection
Critical
CVE-2017-11467
was published
for
com.orientechnologies:orientdb-core
(Maven)
Oct 18, 2018
An issue in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-22922
was published
Jan 26, 2024
A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software...
Critical
Unreviewed
CVE-2023-20048
was published
Nov 1, 2023
Magento business logic error vulnerability
Critical
CVE-2020-9630
was published
for
magento/community-edition
(Composer)
May 24, 2022
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access...
Critical
Unreviewed
CVE-2023-48418
was published
Jan 3, 2024
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An...
Critical
Unreviewed
CVE-2020-16904
was published
May 24, 2022
An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard...
Critical
Unreviewed
CVE-2023-47267
was published
Dec 20, 2023
Arbitrary remote code execution within `wrangler dev` Workers sandbox
Critical
CVE-2023-7080
was published
for
wrangler
(npm)
Jan 3, 2024
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in...
Critical
Unreviewed
CVE-2023-48419
was published
Jan 2, 2024
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code...
Critical
Unreviewed
CVE-2023-4662
was published
Sep 15, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an...
Critical
Unreviewed
CVE-2023-31273
was published
Nov 14, 2023
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation....
Critical
Unreviewed
CVE-2023-41807
was published
Nov 23, 2023
Puppet Bolt privilege escalation vulnerability
Critical
CVE-2023-5214
was published
for
bolt
(RubyGems)
Oct 6, 2023
Apache InLong Improper Privilege Management vulnerability
Critical
CVE-2023-31062
was published
for
org.apache.inlong:manager-dao
(Maven)
Jul 6, 2023
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when...
Critical
Unreviewed
CVE-2022-25643
was published
Feb 25, 2022
KubePi Privilege Escalation vulnerability
Critical
CVE-2023-37917
was published
for
github.com/KubeOperator/kubepi
(Go)
Jul 21, 2023