GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,941
Erlang: 29
GitHub Actions: 16
Go: 1,726
Maven: 4,953
npm: 3,482
NuGet: 605
pip: 3,052
Pub: 10
RubyGems: 832
Rust: 778
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
3,060 advisories
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion...
Moderate (Unreviewed): CVE-2023-28049 was published Feb 6, 2024
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege...
High (Unreviewed): CVE-2023-32451 was published Feb 6, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate (Unreviewed): CVE-2023-31005 was published Feb 3, 2024
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an...
High (Unreviewed): CVE-2023-36496 was published Feb 2, 2024
Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation
High: CVE-2024-24747 was published for github.com/minio/minio (Go), Feb 1, 2024
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been...
High (Unreviewed): CVE-2024-0219 was published Jan 31, 2024
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has...
High (Unreviewed): CVE-2024-0833 was published Jan 31, 2024
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been...
High (Unreviewed): CVE-2024-0832 was published Jan 31, 2024
HashiCorp Vault Improper Privilege Management
Moderate: CVE-2020-10660 was published for github.com/hashicorp/vault/vault (Go), Jan 30, 2024
HashiCorp Vault Improper Privilege Management
Critical: CVE-2020-10661 was published for github.com/hashicorp/vault/vault (Go), Jan 30, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,...
Moderate (Unreviewed): CVE-2024-0674 was published Jan 30, 2024
ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible...
High (Unreviewed): CVE-2024-21985 was published Jan 26, 2024
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation....
High (Unreviewed): CVE-2024-23620 was published Jan 26, 2024
An issue in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to...
Critical (Unreviewed): CVE-2024-22922 was published Jan 26, 2024
A malicious devtools extension could have been used to escalate privileges. This vulnerability...
High (Unreviewed): CVE-2024-0751 was published Jan 23, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow...
Moderate (Unreviewed): CVE-2023-5080 was published Jan 19, 2024
The nearby module has a privilege escalation vulnerability. Successful exploitation of this...
High (Unreviewed): CVE-2023-52105 was published Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful...
High (Unreviewed): CVE-2023-52116 was published Jan 16, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful...
High (Unreviewed): CVE-2023-52107 was published Jan 16, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39...
High (Unreviewed): CVE-2023-6735 was published Jan 12, 2024
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0...
High (Unreviewed): CVE-2023-6740 was published Jan 12, 2024
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version...
High (Unreviewed): CVE-2023-44250 was published Jan 10, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster
Moderate: CVE-2023-30617 was published for github.com/openkruise/kruise (Go), Jan 5, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro
Moderate (Unreviewed): CVE-2023-41784 was published Jan 4, 2024
Craft CMS Privilege Escalation
Moderate: CVE-2024-21622 was published for craftcms/cms (Composer), Jan 3, 2024
ProTip! Advisories are also available from the GraphQL API.