Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Apache Hadoop: Temporary File Local Information Disclosure Low
CVE-2024-23454 was published for org.apache.hadoop:hadoop-common (Maven) Sep 25, 2024
oscerd
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission Low
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024
tim-mod
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1... Low Unreviewed
CVE-2022-4270 was published Dec 2, 2022
Access permission verification vulnerability in the Notepad module Impact: Successful... Low Unreviewed
CVE-2024-42036 was published Aug 8, 2024
biscuit-auth vulnerable to public key confusion in third party block Low
CVE-2024-41949 was published for biscuit-auth (Rust) Jul 31, 2024
Improper Privilege Management in djangorestframework-simplejwt Low
CVE-2024-22513 was published for djangorestframework-simplejwt (pip) Mar 16, 2024
r3kumar dmdhrumilmistry
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for... Low Unreviewed
CVE-2024-29210 was published May 7, 2024
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows... Low Unreviewed
CVE-2023-30717 was published Sep 6, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to... Low Unreviewed
CVE-2023-25647 was published Aug 17, 2023
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-51433 was published Dec 29, 2023
An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on... Low Unreviewed
CVE-2020-1476 was published May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16852 was published May 24, 2022
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23428 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23430 was published Dec 29, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an... Low Unreviewed
CVE-2023-6793 was published Dec 13, 2023
The FACSChorus software does not properly assign data access privileges for operating system user... Low Unreviewed
CVE-2023-29066 was published Nov 28, 2023
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a... Low Unreviewed
CVE-2021-31839 was published May 24, 2022
Byobu user preference to prevent private discussions being started are not respected Low
CVE-2022-35921 was published for fof/byobu (Composer) Aug 6, 2022
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22,... Low Unreviewed
CVE-2022-36832 was published Aug 6, 2022
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges.... Low Unreviewed
CVE-2019-15790 was published May 24, 2022
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar... Low Unreviewed
CVE-2023-21458 was published Mar 16, 2023
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the... Low Unreviewed
CVE-2004-1349 was published Apr 29, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored... Low Unreviewed
CVE-2019-4218 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database