GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,941
Erlang: 29
GitHub Actions: 16
Go: 1,722
Maven: 4,952
npm: 3,481
NuGet: 605
pip: 3,049
Pub: 10
RubyGems: 832
Rust: 778
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
3,060 advisories
Arbitrary remote code execution within `wrangler dev` Workers sandbox
Critical. CVE-2023-7080 was published for wrangler (npm), Jan 3, 2024.

There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI. Attackers with regular...
Moderate, Unreviewed. CVE-2023-41776 was published Jan 3, 2024.

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access...
Critical, Unreviewed. CVE-2023-48418 was published Jan 3, 2024.

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in...
Critical, Unreviewed. CVE-2023-48419 was published Jan 2, 2024.

Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS...
High, Unreviewed. CVE-2023-6998 was published Dec 30, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low, Unreviewed. CVE-2023-51433 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
High, Unreviewed. CVE-2023-51435 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate, Unreviewed. CVE-2023-51429 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate, Unreviewed. CVE-2023-51430 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low, Unreviewed. CVE-2023-23428 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate, Unreviewed. CVE-2023-23429 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low, Unreviewed. CVE-2023-23430 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate, Unreviewed. CVE-2023-23427 was published Dec 29, 2023.

Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate, Unreviewed. CVE-2023-23438 was published Dec 29, 2023.

A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd...
Moderate, Unreviewed. CVE-2023-7090 was published Dec 24, 2023.

Improper privilege management allowed arbitrary workflows to be committed and run using an...
Moderate, Unreviewed. CVE-2023-6804 was published Dec 21, 2023.

Improper privilege management in all versions of GitHub Enterprise Server allows users with...
High, Unreviewed. CVE-2023-46647 was published Dec 21, 2023.

An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard...
Critical, Unreviewed. CVE-2023-47267 was published Dec 20, 2023.

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4...
Moderate, Unreviewed. CVE-2023-3907 was published Dec 18, 2023.

An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an...
Low, Unreviewed. CVE-2023-6793 was published Dec 13, 2023.

Improper Privilege Management in sap-xssec
Critical. GHSA-6mjg-37cp-42x5 was published for sap-xssec (pip), Dec 13, 2023.

Improper Privilege Management in github.com/sap/cloud-security-client-go
Critical. GHSA-m8rw-rcpq-2vp2 was published for github.com/sap/cloud-security-client-go (Go), Dec 13, 2023.

Improper JWT Signature Validation in SAP Security Services Library
Critical. GHSA-59c9-pxq8-9c73 was published for com.sap.cloud.security.xsuaa:spring-xsuaa (Maven), Dec 13, 2023.

An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x...
High, Unreviewed. CVE-2023-41119 was published Dec 12, 2023.

Escalation of privileges in @sap/xssec
Critical. CVE-2023-49583 was published for @sap/xssec (npm), Dec 12, 2023.
ProTip! Advisories are also available from the GraphQL API.