GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,941
Erlang: 29
GitHub Actions: 16
Go: 1,722
Maven: 4,952
npm: 3,481
NuGet: 605
pip: 3,049
Pub: 10
RubyGems: 832
Rust: 778
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
1,952 advisories
Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as...
High | Unreviewed | CVE-2023-6522 was published Apr 5, 2024

Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management...
High | Unreviewed | CVE-2024-0172 was published Apr 3, 2024

UVDesk Community Helpdesk Improper Privilege Management
High | CVE-2024-3137 was published for uvdesk/core-framework (Composer) Apr 2, 2024

Improper Privilege Management vulnerability in Apache Fineract. This issue affects Apache Fineract...
High | Unreviewed | CVE-2024-23537 was published Mar 29, 2024

Podman affected by CVE-2024-1753 container escape at build time
High | CVE-2024-1753 was published for github.com/containers/podman/v4 (Go) Mar 28, 2024

In some rare cases, there is a password type validation missing in Revert Password check and for...
High | Unreviewed | CVE-2023-41972 was published Mar 26, 2024

By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content...
High | Unreviewed | CVE-2024-1973 was published Mar 26, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),...
High | Unreviewed | CVE-2024-24892 was published Mar 25, 2024

This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other...
High | Unreviewed | CVE-2024-2228 was published Mar 22, 2024

As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was...
High | Unreviewed | CVE-2024-2390 was published Mar 18, 2024

Windows Error Reporting Service Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-26169 was published Mar 12, 2024

Account Takeover via Session Fixation in Zitadel [Bypassing MFA]
High | CVE-2024-28197 was published for github.com/zitadel/zitadel (Go) Mar 11, 2024

Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5...
High | Unreviewed | CVE-2024-0819 was published Feb 27, 2024

A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an...
High | Unreviewed | CVE-2024-0197 was published Feb 27, 2024

A flaw in the Windows Installer in Thales SafeNet Authentication Client prior to 10.8 R10 on...
High | Unreviewed | CVE-2023-5993 was published Feb 27, 2024

A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to...
High | Unreviewed | CVE-2023-7016 was published Feb 27, 2024

As a manager, you should not be able to modify a series of settings. In the UI this is indeed...
High | Unreviewed | CVE-2024-0439 was published Feb 26, 2024

Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15...
High | Unreviewed | CVE-2024-0622 was published Feb 15, 2024

Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App...
High | Unreviewed | CVE-2023-4993 was published Feb 15, 2024

An improper privilege management vulnerability [CWE-269] in Fortinet FortiClientEMS version 7.2.0...
High | Unreviewed | CVE-2023-45581 was published Feb 15, 2024

Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file...
High | Unreviewed | CVE-2024-0353 was published Feb 15, 2024

IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform...
High | Unreviewed | CVE-2023-50957 was published Feb 10, 2024

Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local...
High | Unreviewed | CVE-2024-22795 was published Feb 8, 2024

Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'
High | CVE-2023-32194 was published for github.com/rancher/rancher (Go) Feb 8, 2024

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user...
High | Unreviewed | CVE-2024-22237 was published Feb 6, 2024