Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Apache Hadoop: Temporary File Local Information Disclosure Low
CVE-2024-23454 was published for org.apache.hadoop:hadoop-common (Maven) Sep 25, 2024
oscerd
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission Low
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024
tim-mod
Access permission verification vulnerability in the Notepad module Impact: Successful... Low Unreviewed
CVE-2024-42036 was published Aug 8, 2024
biscuit-auth vulnerable to public key confusion in third party block Low
CVE-2024-41949 was published for biscuit-auth (Rust) Jul 31, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for... Low Unreviewed
CVE-2024-29210 was published May 7, 2024
Improper Privilege Management in djangorestframework-simplejwt Low
CVE-2024-22513 was published for djangorestframework-simplejwt (pip) Mar 16, 2024
r3kumar dmdhrumilmistry
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-51433 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23430 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23428 was published Dec 29, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an... Low Unreviewed
CVE-2023-6793 was published Dec 13, 2023
The FACSChorus software does not properly assign data access privileges for operating system user... Low Unreviewed
CVE-2023-29066 was published Nov 28, 2023
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows... Low Unreviewed
CVE-2023-30717 was published Sep 6, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to... Low Unreviewed
CVE-2023-25647 was published Aug 17, 2023
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar... Low Unreviewed
CVE-2023-21458 was published Mar 16, 2023
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1... Low Unreviewed
CVE-2022-4270 was published Dec 2, 2022
Byobu user preference to prevent private discussions being started are not respected Low
CVE-2022-35921 was published for fof/byobu (Composer) Aug 6, 2022
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22,... Low Unreviewed
CVE-2022-36832 was published Aug 6, 2022
An elevation of privilege vulnerability exists in Windows store installer where WindowsApps... Low Unreviewed
CVE-2019-1270 was published May 24, 2022
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a... Low Unreviewed
CVE-2021-31839 was published May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16852 was published May 24, 2022
Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial... Low Unreviewed
CVE-2020-7310 was published May 24, 2022
An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on... Low Unreviewed
CVE-2020-1476 was published May 24, 2022
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file... Low Unreviewed
CVE-2020-1461 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database