GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
218 advisories
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
Critical
Unreviewed
CVE-2024-8853
was published
Sep 20, 2024
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,...
Critical
Unreviewed
CVE-2023-0635
was published
Jul 6, 2023
API permission management vulnerability in the Fwk-Display module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-44106
was published
Oct 11, 2023
D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions.
Critical
Unreviewed
CVE-2023-44809
was published
Oct 16, 2023
An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to...
Critical
Unreviewed
CVE-2024-44893
was published
Sep 10, 2024
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to...
Critical
Unreviewed
CVE-2024-7493
was published
Sep 6, 2024
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older...
Critical
Unreviewed
CVE-2023-39335
was published
Nov 15, 2023
An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain...
Critical
Unreviewed
CVE-2023-47132
was published
Feb 9, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative...
Critical
Unreviewed
CVE-2024-36439
was published
Aug 22, 2024
An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0...
Critical
Unreviewed
CVE-2024-33226
was published
May 22, 2024
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could...
Critical
Unreviewed
CVE-2024-33872
was published
Aug 20, 2024
An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01...
Critical
Unreviewed
CVE-2023-38944
was published
Mar 6, 2024
Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege...
Critical
Unreviewed
CVE-2024-43311
was published
Aug 19, 2024
Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege...
Critical
Unreviewed
CVE-2024-43240
was published
Aug 19, 2024
Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation. This...
Critical
Unreviewed
CVE-2024-43245
was published
Aug 19, 2024
An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote...
Critical
Unreviewed
CVE-2024-33308
was published
Apr 30, 2024
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network...
Critical
Unreviewed
CVE-2024-21807
was published
Aug 14, 2024
Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation. This...
Critical
Unreviewed
CVE-2024-43153
was published
Aug 13, 2024
Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation. This...
Critical
Unreviewed
CVE-2024-43121
was published
Aug 13, 2024
An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote...
Critical
Unreviewed
CVE-2023-48902
was published
Mar 21, 2024
A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the...
Critical
Unreviewed
CVE-2023-4976
was published
Jul 17, 2024
Android kernel allows Elevation of privilege.
Critical
Unreviewed
CVE-2024-27207
was published
Mar 11, 2024
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule...
Critical
Unreviewed
CVE-2024-38770
was published
Aug 1, 2024
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-37858
was published
Jul 29, 2024
SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0...
Critical
Unreviewed
CVE-2024-29667
was published
Mar 29, 2024
ProTip! Advisories are also available from the GraphQL API.