GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
59 advisories
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low
Unreviewed
CVE-2024-6326
was published
Jul 16, 2024
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1...
Low
Unreviewed
CVE-2022-4270
was published
Dec 2, 2022
Access permission verification vulnerability in the Notepad module
Impact: Successful...
Low
Unreviewed
CVE-2024-42036
was published
Aug 8, 2024
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for...
Low
Unreviewed
CVE-2024-29210
was published
May 7, 2024
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows...
Low
Unreviewed
CVE-2023-30717
was published
Sep 6, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to...
Low
Unreviewed
CVE-2023-25647
was published
Aug 17, 2023
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1...
Low
Unreviewed
CVE-2023-21512
was published
Jun 28, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-51433
was published
Dec 29, 2023
An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on...
Low
Unreviewed
CVE-2020-1476
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16852
was published
May 24, 2022
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-23428
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-23430
was published
Dec 29, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an...
Low
Unreviewed
CVE-2023-6793
was published
Dec 13, 2023
The FACSChorus software does not properly assign data access privileges for operating system user...
Low
Unreviewed
CVE-2023-29066
was published
Nov 28, 2023
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a...
Low
Unreviewed
CVE-2021-31839
was published
May 24, 2022
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22,...
Low
Unreviewed
CVE-2022-36832
was published
Aug 6, 2022
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges....
Low
Unreviewed
CVE-2019-15790
was published
May 24, 2022
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar...
Low
Unreviewed
CVE-2023-21458
was published
Mar 16, 2023
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the...
Low
Unreviewed
CVE-2004-1349
was published
Apr 29, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored...
Low
Unreviewed
CVE-2019-4218
was published
May 24, 2022
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity...
Low
Unreviewed
CVE-2022-22266
was published
Jan 11, 2022
IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be...
Low
Unreviewed
CVE-2019-4112
was published
May 24, 2022
IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive...
Low
Unreviewed
CVE-2019-4048
was published
May 24, 2022
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a...
Low
Unreviewed
CVE-2017-5084
was published
May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could...
Low
Unreviewed
CVE-2017-1150
was published
May 13, 2022