GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
820 advisories

Neo4j Cypher component mishandles IMMUTABLE privileges
Moderate · CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) · May 7, 2024

Privilege Escalation in TYPO3 CMS
Moderate · GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) · Jun 5, 2024

** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command ...
Moderate · Unreviewed · CVE-2024-29976 was published · Jun 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID...
Moderate · Unreviewed · CVE-2024-29975 was published · Jun 4, 2024

TYPO3 Broken Access Control in Localization Handling
Moderate · GHSA-9rx9-7fmh-gj3g was published for typo3/cms-core (Composer) · May 30, 2024

golang.org/x/sys/unix has Incorrect privilege reporting in syscall
Moderate · CVE-2022-29526 was published for golang.org/x/sys (Go) · Jun 24, 2022

Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows...
Moderate · Unreviewed · CVE-2023-48319 was published · May 17, 2024

An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed...
Moderate · Unreviewed · CVE-2023-6507 was published · Dec 8, 2023

Mediawiki Improper Privilege Management
Moderate · CVE-2018-0503 was published for mediawiki/core (Composer) · May 13, 2022

OpenStack Identity Keystone Improper Privilege Management
Moderate · CVE-2014-0204 was published for keystone (pip) · May 13, 2022

OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege
Moderate · CVE-2014-3476 was published for keystone (pip) · May 13, 2022

Celery local privilege escalation vulnerability
Moderate · CVE-2011-4356 was published for celery (pip) · May 17, 2022

In vulnerable versions of Calico (v3.27.2 and below), Calico Enterprise (v3.19.0-1, v3.18.1, v3...
Moderate · Unreviewed · CVE-2024-33522 was published · Apr 30, 2024

BuddyPress Docs plugin Improper Privilege Management
Moderate · CVE-2017-6954 was published for buddypress/buddypress (Composer) · May 13, 2022

TeamPass Improper Privilege Management
Moderate · CVE-2017-15053 was published for nilsteampassnet/teampass (Composer) · May 13, 2022

TeamPass Improper Privilege Management
Moderate · CVE-2017-15052 was published for nilsteampassnet/teampass (Composer) · May 13, 2022

Moodle External blog editing takeover
Moderate · CVE-2017-7489 was published for moodle/moodle (Composer) · May 13, 2022

Moodle Improper Privilege Management
Moderate · CVE-2018-1134 was published for moodle/moodle (Composer) · May 13, 2022

Drupal Users without "Administer comments" can set comment visibility on nodes they can edit
Moderate · CVE-2016-7570 was published for drupal/core (Composer) · May 17, 2022

Tryton Information Disclosure Vulnerability
Moderate · CVE-2017-0360 was published for trytond (pip) · May 13, 2022

A flaw was found in the way samba handled file and directory permissions. An authenticated user...
Moderate · Unreviewed · CVE-2020-14318 was published · May 24, 2022

An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that...
Moderate · Unreviewed · CVE-2024-3470 was published · Apr 19, 2024

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor...
Moderate · Unreviewed · CVE-2023-34043 was published · Sep 27, 2023

A valid LDAP user, under specific conditions, will default to read-only permissions when...
Moderate · Unreviewed · CVE-2023-29056 was published · Apr 29, 2023

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep...
Moderate · Unreviewed · CVE-2023-30713 was published · Sep 6, 2023

ProTip! Advisories are also available from the GraphQL API.