GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,536

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

226 advisories

Filter by severity

Sort by

Least recently updated

The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed

CVE-2024-9518 was published Oct 10, 2024

Windows Update Stack Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2021-1694 was published May 24, 2022

A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege... Critical Unreviewed

CVE-2024-3057 was published Oct 8, 2024

According to the researcher: "The TLS connections are encrypted against tampering or... Critical Unreviewed

CVE-2024-44097 was published Oct 2, 2024

An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain... Critical Unreviewed

CVE-2023-36100 was published Sep 1, 2023

The Echo RSS Feed Post Generator plugin for WordPress is vulnerable to privilege escalation in... Critical Unreviewed

CVE-2024-9265 was published Oct 1, 2024

An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges... Critical Unreviewed

CVE-2023-43457 was published Sep 25, 2023

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows... Critical Unreviewed

CVE-2024-34331 was published Sep 23, 2024

A condition exists in FlashArray Purity whereby a malicious user could use a remote... Critical Unreviewed

CVE-2024-0003 was published Sep 23, 2024

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed

CVE-2024-8853 was published Sep 20, 2024

Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed

CVE-2023-0635 was published Jul 6, 2023

API permission management vulnerability in the Fwk-Display module.Successful exploitation of this... Critical Unreviewed

CVE-2023-44106 was published Oct 11, 2023

D-Link device DIR-820L 1.05B03 is vulnerable to Insecure Permissions. Critical Unreviewed

CVE-2023-44809 was published Oct 16, 2023

An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to... Critical Unreviewed

CVE-2024-44893 was published Sep 10, 2024

The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to... Critical Unreviewed

CVE-2024-7493 was published Sep 6, 2024

A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older... Critical Unreviewed

CVE-2023-39335 was published Nov 15, 2023

An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain... Critical Unreviewed

CVE-2023-47132 was published Feb 9, 2024

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative... Critical Unreviewed

CVE-2024-36439 was published Aug 22, 2024

An issue in the component Access64.sys of Wistron Corporation TBT Force Power Control v1.0.0.0... Critical Unreviewed

CVE-2024-33226 was published May 22, 2024

Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could... Critical Unreviewed

CVE-2024-33872 was published Aug 20, 2024

An issue in Multilaser RE160V firmware v12.03.01.09_pt and Multilaser RE163V firmware v12.03.01... Critical Unreviewed

CVE-2023-38944 was published Mar 6, 2024

Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege... Critical Unreviewed

CVE-2024-43311 was published Aug 19, 2024

Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege... Critical Unreviewed

CVE-2024-43240 was published Aug 19, 2024

Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This... Critical Unreviewed

CVE-2024-43245 was published Aug 19, 2024

An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote... Critical Unreviewed

CVE-2024-33308 was published Apr 30, 2024

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

226 advisories