GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
93 advisories
Filter by severity
Execution with Unnecessary Privileges in ipython
High
CVE-2022-21699
was published
for
ipython
(pip)
Jan 21, 2022
This allows attackers to use a maliciously formed API request to gain access to an API...
High
Unreviewed
CVE-2024-1222
was published
Mar 14, 2024
This vulnerability allows local attackers to escalate privileges on affected installations of...
Moderate
Unreviewed
CVE-2023-6006
was published
Nov 14, 2023
An issue in Notion for macOS version 3.1.0 and before, allows remote attackers to execute...
Critical
Unreviewed
CVE-2024-23743
was published
Jan 28, 2024
Execution with Unnecessary Privileges in JupyterApp
High
CVE-2022-39286
was published
for
jupyter-core
(pip)
Oct 26, 2022
Local active protection service settings manipulation due to unnecessary privileges assignment....
Moderate
Unreviewed
CVE-2024-8903
was published
Sep 23, 2024
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated user...
High
Unreviewed
CVE-2023-34118
was published
Jul 11, 2023
OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer
Critical
CVE-2024-7387
was published
for
github.com/openshift/builder
(Go)
Sep 17, 2024
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network...
High
Unreviewed
CVE-2024-38813
was published
Sep 17, 2024
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The...
Critical
Unreviewed
CVE-2024-8767
was published
Sep 17, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated...
Moderate
Unreviewed
CVE-2024-5623
was published
Aug 29, 2024
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2....
High
Unreviewed
CVE-2024-5622
was published
Aug 29, 2024
Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a...
Critical
Unreviewed
CVE-2024-6913
was published
Jul 22, 2024
A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information...
Critical
Unreviewed
CVE-2024-35783
was published
Sep 10, 2024
Apache Airflow vulnerable to Execution with Unnecessary Privileges
High
CVE-2024-45034
was published
for
apache-airflow
(pip)
Sep 7, 2024
A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account...
Critical
Unreviewed
CVE-2024-42024
was published
Sep 7, 2024
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
High
CVE-2020-10684
was published
for
ansible
(pip)
Apr 7, 2021
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure...
Moderate
Unreviewed
CVE-2024-20478
was published
Aug 28, 2024
A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive...
Moderate
Unreviewed
CVE-2023-42954
was published
Mar 22, 2024
An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote...
High
Unreviewed
CVE-2023-50015
was published
Mar 9, 2024
An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a...
High
Unreviewed
CVE-2024-24245
was published
Apr 9, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS...
High
Unreviewed
CVE-2024-23299
was published
Jun 10, 2024
setuid() does not affect libuv's internal io_uring operations if initialized before the call to...
High
Unreviewed
CVE-2024-22017
was published
Mar 19, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application...
High
Unreviewed
CVE-2024-36398
was published
Aug 13, 2024
A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a...
High
Unreviewed
CVE-2023-38042
was published
May 31, 2024
ProTip!
Advisories are also available from the
GraphQL API