Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,202
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

889 advisories

Loading
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-26247 was published Mar 23, 2024
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with... Moderate Unreviewed
CVE-2023-47715 was published Mar 21, 2024
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that... Moderate Unreviewed
CVE-2024-1908 was published Mar 21, 2024
Users with `create` but not `override` privileges can perform local sync Moderate
CVE-2023-50726 was published for github.com/argoproj/argo-cd (Go) Mar 15, 2024
crenshaw-dev
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the... Moderate Unreviewed
CVE-2024-2431 was published Mar 13, 2024
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an... Moderate Unreviewed
CVE-2024-2433 was published Mar 13, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-2432 was published Mar 13, 2024
A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2024-20262 was published Mar 13, 2024
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds... Moderate Unreviewed
CVE-2024-25987 was published Mar 11, 2024
In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of... Moderate Unreviewed
CVE-2024-25990 was published Mar 11, 2024
Grafana's users with permissions to create a data source can CRUD all data sources Moderate
CVE-2024-1442 was published for github.com/grafana/grafana (Go) Mar 7, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6... Moderate Unreviewed
CVE-2023-6477 was published Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2... Moderate Unreviewed
CVE-2024-1250 was published Feb 12, 2024
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client... Moderate Unreviewed
CVE-2024-23764 was published Feb 8, 2024
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user... Moderate Unreviewed
CVE-2024-22239 was published Feb 6, 2024
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion... Moderate Unreviewed
CVE-2023-28049 was published Feb 6, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed
CVE-2023-31005 was published Feb 3, 2024
HashiCorp Vault Improper Privilege Management Moderate
CVE-2020-10660 was published for github.com/hashicorp/vault (Go) Jan 30, 2024
andrewpollock
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow... Moderate Unreviewed
CVE-2023-5080 was published Jan 19, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster Moderate
CVE-2023-30617 was published for github.com/openkruise/kruise (Go) Jan 5, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro Moderate Unreviewed
CVE-2023-41784 was published Jan 4, 2024
Craft CMS Privilege Escalation Moderate
CVE-2024-21622 was published for craftcms/cms (Composer) Jan 3, 2024
johnax0
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular... Moderate Unreviewed
CVE-2023-41776 was published Jan 3, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51430 was published Dec 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database