Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,378 advisories

Loading
An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux... High Unreviewed
CVE-2020-15934 was published Dec 19, 2024
CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed
CVE-2024-38499 was published Dec 17, 2024
MinIO vulnerable to privilege escalation in IAM import API High
CVE-2024-55949 was published for github.com/minio/minio (Go) Dec 16, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2024-11721 was published Dec 14, 2024
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54110 was published Dec 12, 2024
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed
CVE-2024-49035 was published Nov 26, 2024
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D... High Unreviewed
CVE-2024-52336 was published Nov 26, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9941 was published Nov 23, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9478 was published Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9479 was published Nov 20, 2024
Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider Moderate
CVE-2024-31141 was published for org.apache.kafka:kafka-clients (Maven) Nov 19, 2024
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow... Moderate Unreviewed
CVE-2020-26063 was published Nov 18, 2024
Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent. High Unreviewed
CVE-2024-52926 was published Nov 18, 2024
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9192 was published Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by... High Unreviewed
CVE-2024-9500 was published Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to... High Unreviewed
CVE-2024-11206 was published Nov 14, 2024
Privilege escalation to NetworkService Account access in Citrix Session Recording when an... Moderate Unreviewed
CVE-2024-8068 was published Nov 12, 2024
Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data... Critical Unreviewed
CVE-2024-8074 was published Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an... High Unreviewed
CVE-2024-49558 was published Nov 12, 2024
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege... High Unreviewed
CVE-2024-24409 was published Nov 8, 2024
A GitHub App installed in organizations could upgrade some permissions from read to write access... High Unreviewed
CVE-2024-8810 was published Nov 8, 2024
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on... High Unreviewed
CVE-2024-8424 was published Nov 8, 2024
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are... High Unreviewed
CVE-2024-10203 was published Nov 7, 2024
Input parameter verification vulnerability in the background service module Impact: Successful... Moderate Unreviewed
CVE-2024-51521 was published Nov 5, 2024
Access control vulnerable to user data deletion by anonynmous users Moderate
CVE-2024-51734 was published for AccessControl (pip) Nov 4, 2024
n1k9 d-maurer
perrinjerome dataflake
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database