GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
64 advisories
Filter by severity
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
High
Unreviewed
CVE-2023-30998
was published
Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
High
Unreviewed
CVE-2023-30997
was published
Jun 27, 2024
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local...
High
Unreviewed
CVE-2024-31890
was published
Jun 21, 2024
Attackers can then execute malicious files by enabling certain services of the printer via the...
High
Unreviewed
CVE-2024-3498
was published
Jun 14, 2024
The Toshiba printers do not implement privileges separation. As for the affected products/models...
Moderate
Unreviewed
CVE-2024-27146
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27147
was published
Jun 14, 2024
Toshiba printers use SNMP for configuration. Using the private community, it is possible to...
Critical
Unreviewed
CVE-2024-27143
was published
Jun 14, 2024
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the...
High
Unreviewed
CVE-2024-0084
was published
Jun 14, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate...
High
Unreviewed
CVE-2024-35142
was published
May 31, 2024
Submariner Operator sets unnecessary RBAC permissions in helm charts
Moderate
CVE-2024-5042
was published
for
github.com/submariner-io/submariner-operator
(Go)
May 17, 2024
IBM AIX could 7.2, 7.3, VIOS 3.1, and VIOS 4.1 allow a non-privileged local user to exploit a...
High
Unreviewed
CVE-2024-27260
was published
May 16, 2024
Elevation of privilege vulnerability in GE HealthCare EchoPAC products
High
Unreviewed
CVE-2024-27110
was published
May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary...
Moderate
Unreviewed
CVE-2024-25967
was published
May 14, 2024
An Insecure Direct Object Reference (IDOR) vulnerability exists in the lunary-ai/lunary...
Critical
Unreviewed
CVE-2024-1626
was published
Apr 16, 2024
Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2,...
Unknown
Unreviewed
CVE-2024-28005
was published
Mar 28, 2024
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the...
High
Unreviewed
CVE-2024-0073
was published
Mar 28, 2024
A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser ...
Moderate
Unreviewed
CVE-2023-45592
was published
Mar 5, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster
Moderate
CVE-2023-30617
was published
for
github.com/openkruise/kruise
(Go)
Jan 5, 2024
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user...
High
Unreviewed
CVE-2023-33873
was published
Nov 15, 2023
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that...
Moderate
Unreviewed
CVE-2023-43018
was published
Nov 3, 2023
SnapCenter versions 3.x and 4.x prior to 4.9 are susceptible to a
vulnerability which may allow...
High
Unreviewed
CVE-2023-27313
was published
Oct 12, 2023
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are
susceptible to a...
Moderate
Unreviewed
CVE-2023-27312
was published
Oct 12, 2023
kOps privilege escalation vulnerability
High
CVE-2023-1943
was published
for
k8s.io/kops
(Go)
Oct 12, 2023
One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access...
Moderate
Unreviewed
CVE-2023-4003
was published
Sep 27, 2023
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code...
Critical
Unreviewed
CVE-2023-4662
was published
Sep 15, 2023
ProTip!
Advisories are also available from the
GraphQL API