GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
889 advisories
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful...
Moderate • Unreviewed
CVE-2024-54110 was published Dec 12, 2024

Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
Moderate
CVE-2024-31141 was published for org.apache.kafka:kafka-clients (Maven) Nov 19, 2024

A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow...
Moderate • Unreviewed
CVE-2020-26063 was published Nov 18, 2024

Privilege escalation to NetworkService Account access in Citrix Session Recording when an...
Moderate • Unreviewed
CVE-2024-8068 was published Nov 12, 2024

Input parameter verification vulnerability in the background service module
Impact: Successful...
Moderate • Unreviewed
CVE-2024-51521 was published Nov 5, 2024

Access control vulnerable to user data deletion by anonymous users
Moderate
CVE-2024-51734 was published for AccessControl (pip) Nov 4, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate • Unreviewed
CVE-2024-20374 was published Oct 23, 2024

Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for...
Moderate • Unreviewed
CVE-2023-25535 was published Oct 17, 2024

The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit...
Moderate • Unreviewed
CVE-2024-45461 was published Oct 16, 2024

Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series, ZXR10 2800-4, ZXR10 3800...
Moderate • Unreviewed
CVE-2024-22068 was published Oct 10, 2024

In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API...
Moderate • Unreviewed
CVE-2024-7048 was published Oct 10, 2024

VMware NSX contains a local privilege escalation vulnerability.
An authenticated malicious...
Moderate • Unreviewed
CVE-2024-38818 was published Oct 9, 2024

A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software...
Moderate • Unreviewed
CVE-2024-9471 was published Oct 9, 2024

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate...
Moderate • Unreviewed
CVE-2024-45919 was published Oct 7, 2024

An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing...
Moderate • Unreviewed
CVE-2024-44439 was published Oct 4, 2024

An improper privilege management vulnerability allowed arbitrary workflows to be committed using...
Moderate • Unreviewed
CVE-2024-8263 was published Sep 23, 2024

Ubiquiti AirMax firmware version 8 allows attackers with physical access to gain...
Moderate • Unreviewed
CVE-2024-44540 was published Sep 23, 2024

Entrust Instant Financial Issuance (formerly known as Cardwizard) 6.10.0, 6.9.0, 6.9.1, 6.9.2,...
Moderate • Unreviewed
CVE-2024-39342 was published Sep 23, 2024

SpiceDB having multiple caveats on resources of the same type may improperly result in no permission
Moderate
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024

OpenShift Controller Manager Improper Privilege Management
Moderate
CVE-2024-45496 was published for github.com/openshift/openshift-controller-manager (Go) Sep 17, 2024

Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
Moderate • Unreviewed
CVE-2024-7890 was published Sep 12, 2024

Dell PowerScale InsightIQ, version 5.1, contains an Improper Privilege Management vulnerability. A...
Moderate • Unreviewed
CVE-2024-39574 was published Sep 10, 2024

Improper Privilege Management vulnerability in SAMPAŞ Holding AKOS allows Collect Data as...
Moderate • Unreviewed
CVE-2024-4259 was published Sep 3, 2024

Improper Privilege Management vulnerability in Menulux Information Technologies Management Portal...
Moderate • Unreviewed
CVE-2024-4428 was published Aug 29, 2024

Withdrawn Advisory: Kanister vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-43403 was published for github.com/kanisterio/kanister (Go) Aug 20, 2024 • withdrawn