Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,334 advisories

Loading
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated... High Unreviewed
CVE-2023-36537 was published Jul 11, 2023
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated user... High Unreviewed
CVE-2023-34118 was published Jul 11, 2023
OpenShift Controller Manager Improper Privilege Management Critical
CVE-2024-45496 was published for github.com/openshift/openshift-controller-manager (Go) Sep 17, 2024
Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed
CVE-2022-46869 was published Aug 31, 2023
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for... High Unreviewed
CVE-2023-34120 was published Jun 13, 2023
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure... High Unreviewed
CVE-2024-45752 was published Sep 19, 2024
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0635 was published Jul 6, 2023
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission Low
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024
tim-mod
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The... High Unreviewed
CVE-2024-8533 was published Sep 12, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to... High Unreviewed
CVE-2024-7960 was published Sep 12, 2024
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on... High Unreviewed
CVE-2013-0643 was published May 14, 2022
External Secrets Operator vulnerable to privilege escalation High
CVE-2024-45041 was published for github.com/external-secrets/external-secrets (Go) Sep 9, 2024
younaman
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music... High Unreviewed
CVE-2024-42798 was published Sep 16, 2024
API permission management vulnerability in the Fwk-Display module.Successful exploitation of this... Critical Unreviewed
CVE-2023-44106 was published Oct 11, 2023
This issue was addressed through improved state management. This issue is fixed in iOS 18 and... High Unreviewed
CVE-2024-44147 was published Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may... High Unreviewed
CVE-2024-40861 was published Sep 17, 2024
An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and... High Unreviewed
CVE-2023-43120 was published Oct 16, 2023
Vulnerability in the Oracle Communications Convergence product of Oracle Communications... High Unreviewed
CVE-2023-21848 was published Jan 18, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported... High Unreviewed
CVE-2023-21896 was published Apr 18, 2023
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. Critical Unreviewed
CVE-2023-44809 was published Oct 16, 2023
In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated... High Unreviewed
CVE-2022-22521 was published Apr 28, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2023-21990 was published Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2023-21987 was published Apr 18, 2023
HashiCorp Vault Improper Privilege Management Moderate
CVE-2020-10660 was published for github.com/hashicorp/vault (Go) Jan 30, 2024
andrewpollock
Podman publishes a malicious image to public registries High
CVE-2022-1227 was published for github.com/containers/podman/v3 (Go) Apr 30, 2022
andrewpollock
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database