GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
889 advisories
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that...
Moderate | Unreviewed | CVE-2023-43018 was published Nov 3, 2023

Under certain conditions, a low privileged attacker could load a specially crafted file during...
Moderate | Unreviewed | CVE-2023-5847 was published Nov 1, 2023

Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled...
Moderate | Unreviewed | CVE-2021-26734 was published Oct 23, 2023

Grafana privilege escalation vulnerability
Moderate | CVE-2023-4822 was published for github.com/grafana/grafana (Go) Oct 16, 2023

In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to...
Moderate | Unreviewed | CVE-2023-4834 was published Oct 16, 2023

PrestaShop allows users to uninstall modules from backoffice, even with low rights
Moderate | CVE-2023-43663 was published for prestashop/prestashop (Composer) Sep 28, 2023

PrestaShop allows employee without any access rights to list all installed modules
Moderate | CVE-2023-43664 was published for prestashop/prestashop (Composer) Sep 28, 2023

Permission control vulnerability in the audio module. Successful exploitation of this...
Moderate | Unreviewed | CVE-2023-41312 was published Sep 27, 2023

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor...
Moderate | Unreviewed | CVE-2023-34043 was published Sep 27, 2023

The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker...
Moderate | Unreviewed | CVE-2023-42468 was published Sep 13, 2023

In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general...
Moderate | Unreviewed | CVE-2023-35671 was published Sep 11, 2023

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated,...
Moderate | Unreviewed | CVE-2023-20193 was published Sep 7, 2023

A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read...
Moderate | Unreviewed | CVE-2023-20194 was published Sep 7, 2023

Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows...
Moderate | Unreviewed | CVE-2023-30716 was published Sep 6, 2023

Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep...
Moderate | Unreviewed | CVE-2023-30713 was published Sep 6, 2023

An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an...
Moderate | Unreviewed | CVE-2023-3699 was published Aug 22, 2023

Dell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high...
Moderate | Unreviewed | CVE-2023-32490 was published Aug 16, 2023

The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2023-4293 was published Aug 12, 2023

The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up...
Moderate | Unreviewed | CVE-2023-4239 was published Aug 9, 2023

Ineffective privileges drop when requesting container network
Moderate | CVE-2023-38496 was published for github.com/apptainer/apptainer (Go) Jul 25, 2023

An improper privilege check in the OTRS ticket move action in the agent interface allows any as...
Moderate | Unreviewed | CVE-2023-38058 was published Jul 24, 2023

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is...
Moderate | Unreviewed | CVE-2023-29256 was published Jul 10, 2023

The Greeklish-permalink WordPress plugin through 3.3 does not implement correct authorization or...
Moderate | Unreviewed | CVE-2023-2495 was published Jul 10, 2023

An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary...
Moderate | Unreviewed | CVE-2023-29240 was published Jul 6, 2023

A CWE-269: Improper Privilege Management vulnerability exists that could cause a local user to...
Moderate | Unreviewed | CVE-2023-1548 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API