Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

269 advisories

Loading
TightVNC before v2.8.75 allows attackers to escalate privileges on the host operating system via... Critical Unreviewed
CVE-2023-27830 was published Apr 12, 2023
A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>,... Critical Unreviewed
CVE-2020-6823 was published May 24, 2022
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120;... Critical Unreviewed
CVE-2019-16897 was published May 24, 2022
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because... Critical Unreviewed
CVE-2016-10971 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and... Critical Unreviewed
CVE-2003-5001 was published Mar 29, 2022
linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. Critical Unreviewed
CVE-2006-4243 was published Apr 21, 2022
In Blue Planet® products through 22.12, a misconfiguration in the SAML implementation allows... Critical Unreviewed
CVE-2024-2005 was published Mar 6, 2024
Cloud Foundry UAA privilege escalation with user invitations Critical
CVE-2017-4992 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-34523 was published May 24, 2022
OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection Critical
CVE-2017-11467 was published for com.orientechnologies:orientdb-core (Maven) Oct 18, 2018
yoshizawa-masatoshi
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to... Critical Unreviewed
CVE-2024-22922 was published Jan 26, 2024
A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software... Critical Unreviewed
CVE-2023-20048 was published Nov 1, 2023
Magento business logic error vulnerability Critical
CVE-2020-9630 was published for magento/community-edition (Composer) May 24, 2022
 In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a     possible way to access... Critical Unreviewed
CVE-2023-48418 was published Jan 3, 2024
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.An... Critical Unreviewed
CVE-2020-16904 was published May 24, 2022
An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard... Critical Unreviewed
CVE-2023-47267 was published Dec 20, 2023
Arbitrary remote code execution within `wrangler dev` Workers sandbox Critical
CVE-2023-7080 was published for wrangler (npm) Jan 3, 2024
Lekensteyn
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in... Critical Unreviewed
CVE-2023-48419 was published Jan 2, 2024
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code... Critical Unreviewed
CVE-2023-4662 was published Sep 15, 2023
Protection mechanism failure in some Intel DCM software before version 5.2 may allow an... Critical Unreviewed
CVE-2023-31273 was published Nov 14, 2023
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation.... Critical Unreviewed
CVE-2023-41807 was published Nov 23, 2023
Puppet Bolt privilege escalation vulnerability Critical
CVE-2023-5214 was published for bolt (RubyGems) Oct 6, 2023
Apache InLong Improper Privilege Management vulnerability Critical
CVE-2023-31062 was published for org.apache.inlong:manager-dao (Maven) Jul 6, 2023
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when... Critical Unreviewed
CVE-2022-25643 was published Feb 25, 2022
KubePi Privilege Escalation vulnerability Critical
CVE-2023-37917 was published for github.com/KubeOperator/kubepi (Go) Jul 21, 2023
ch1nhpd
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database