Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,726
Maven
4,953
npm
3,482
NuGet
605
pip
3,052
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,060 advisories

Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion... Moderate Unreviewed
CVE-2023-28049 was published Feb 6, 2024
Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege... High Unreviewed
CVE-2023-32451 was published Feb 6, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed
CVE-2023-31005 was published Feb 3, 2024
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an... High Unreviewed
CVE-2023-36496 was published Feb 2, 2024
Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation High
CVE-2024-24747 was published for github.com/minio/minio (Go) Feb 1, 2024
NiklasBeierl xSke
donatello
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been... High Unreviewed
CVE-2024-0219 was published Jan 31, 2024
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has... High Unreviewed
CVE-2024-0833 was published Jan 31, 2024
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been... High Unreviewed
CVE-2024-0832 was published Jan 31, 2024
HashiCorp Vault Improper Privilege Management Moderate
CVE-2020-10660 was published for github.com/hashicorp/vault/vault (Go) Jan 30, 2024
HashiCorp Vault Improper Privilege Management Critical
CVE-2020-10661 was published for github.com/hashicorp/vault/vault (Go) Jan 30, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible... High Unreviewed
CVE-2024-21985 was published Jan 26, 2024
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation.... High Unreviewed
CVE-2024-23620 was published Jan 26, 2024
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to... Critical Unreviewed
CVE-2024-22922 was published Jan 26, 2024
A malicious devtools extension could have been used to escalate privileges. This vulnerability... High Unreviewed
CVE-2024-0751 was published Jan 23, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow... Moderate Unreviewed
CVE-2023-5080 was published Jan 19, 2024
The nearby module has a privilege escalation vulnerability. Successful exploitation of this... High Unreviewed
CVE-2023-52105 was published Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0... High Unreviewed
CVE-2023-6740 was published Jan 12, 2024
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version... High Unreviewed
CVE-2023-44250 was published Jan 10, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster Moderate
CVE-2023-30617 was published for github.com/openkruise/kruise (Go) Jan 5, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro Moderate Unreviewed
CVE-2023-41784 was published Jan 4, 2024
Craft CMS Privilege Escalation Moderate
CVE-2024-21622 was published for craftcms/cms (Composer) Jan 3, 2024
johnax0
ProTip! Advisories are also available from the GraphQL API