GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,334 advisories
Filter by severity
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated...
High
Unreviewed
CVE-2023-36537
was published
Jul 11, 2023
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated user...
High
Unreviewed
CVE-2023-34118
was published
Jul 11, 2023
OpenShift Controller Manager Improper Privilege Management
Critical
CVE-2024-45496
was published
for
github.com/openshift/openshift-controller-manager
(Go)
Sep 17, 2024
Local privilege escalation during installation due to improper soft link handling. The following...
High
Unreviewed
CVE-2022-46869
was published
Aug 31, 2023
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for...
High
Unreviewed
CVE-2023-34120
was published
Jun 13, 2023
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure...
High
Unreviewed
CVE-2024-45752
was published
Sep 19, 2024
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,...
Critical
Unreviewed
CVE-2023-0635
was published
Jul 6, 2023
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission
Low
CVE-2024-46989
was published
for
github.com/authzed/spicedb
(Go)
Sep 18, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to...
High
Unreviewed
CVE-2024-7960
was published
Sep 12, 2024
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on...
High
Unreviewed
CVE-2013-0643
was published
May 14, 2022
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music...
High
Unreviewed
CVE-2024-42798
was published
Sep 16, 2024
API permission management vulnerability in the Fwk-Display module.Successful exploitation of this...
Critical
Unreviewed
CVE-2023-44106
was published
Oct 11, 2023
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-44147
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may...
High
Unreviewed
CVE-2024-40861
was published
Sep 17, 2024
An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and...
High
Unreviewed
CVE-2023-43120
was published
Oct 16, 2023
Vulnerability in the Oracle Communications Convergence product of Oracle Communications...
High
Unreviewed
CVE-2023-21848
was published
Jan 18, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported...
High
Unreviewed
CVE-2023-21896
was published
Apr 18, 2023
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
Critical
Unreviewed
CVE-2023-44809
was published
Oct 16, 2023
In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
High
Unreviewed
CVE-2022-22521
was published
Apr 28, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High
Unreviewed
CVE-2023-21990
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High
Unreviewed
CVE-2023-21987
was published
Apr 18, 2023
HashiCorp Vault Improper Privilege Management
Moderate
CVE-2020-10660
was published
for
github.com/hashicorp/vault
(Go)
Jan 30, 2024
Podman publishes a malicious image to public registries
High
CVE-2022-1227
was published
for
github.com/containers/podman/v3
(Go)
Apr 30, 2022
ProTip!
Advisories are also available from the
GraphQL API