GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
92
GitHub Actions
54
Go
4,273
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,103
Rust
1,489
Swift
61
Unreviewed advisories
All unreviewed
5,000+
954 advisories
Filter by severity
When running in Appliance mode, an authenticated attacker assigned the Administrator role may be...
Moderate
Unreviewed
CVE-2024-23976
was published
Feb 14, 2024
In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL...
High
Unreviewed
CVE-2023-40109
was published
Feb 16, 2024
An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low...
Moderate
Unreviewed
CVE-2024-25083
was published
Feb 16, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6...
Moderate
Unreviewed
CVE-2023-6477
was published
Feb 22, 2024
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with...
High
Unreviewed
CVE-2023-50437
was published
Feb 29, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17.4, iOS...
High
Unreviewed
CVE-2024-23288
was published
Mar 8, 2024
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers...
High
Unreviewed
CVE-2024-20320
was published
Mar 13, 2024
A vulnerability was found in FLIR AX8 up to 1.46.16. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-3013
was published
Mar 28, 2024
The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up...
Critical
Unreviewed
CVE-2024-2409
was published
Mar 29, 2024
An issue in sanluan flipped-aurora gin-vue-admin 2.4.x allows an attacker to escalate privileges...
Moderate
Unreviewed
CVE-2024-31760
was published
Apr 17, 2024
Various software builds for the following TCL devices (30Z, A3X, 20XE, 10L) leak the device IMEI...
High
Unreviewed
CVE-2023-38298
was published
Apr 22, 2024
Kubelet Incorrect Privilege Assignment
Moderate
CVE-2019-11245
was published
for
k8s.io/kubernetes/cmd/kubelet
(Go)
Apr 24, 2024
Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows...
Critical
Unreviewed
CVE-2023-51484
was published
Apr 25, 2024
In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted...
High
Unreviewed
CVE-2024-27453
was published
May 3, 2024
IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could...
High
Unreviewed
CVE-2024-27273
was published
May 7, 2024
A privilege escalation exists in the updater for Plantronics Hub 3.25.1 and below.
Moderate
Unreviewed
CVE-2024-27460
was published
May 14, 2024
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate...
High
Unreviewed
CVE-2024-31771
was published
May 14, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could...
High
Unreviewed
CVE-2024-20389
was published
May 16, 2024
Improper Privilege Management vulnerability in Masteriyo LMS allows Privilege Escalation.This...
Critical
Unreviewed
CVE-2024-24882
was published
May 17, 2024
Improper Privilege Management vulnerability in Hamid Alinia – idehweb Login with phone number...
High
Unreviewed
CVE-2024-32507
was published
May 17, 2024
Improper Privilege Management vulnerability in InstaWP Team InstaWP Connect allows Privilege...
High
Unreviewed
CVE-2024-22145
was published
May 17, 2024
Improper Privilege Management vulnerability in Sirv allows Privilege Escalation.This issue...
High
Unreviewed
CVE-2024-32959
was published
May 17, 2024
In the Linux kernel, the following vulnerability has been resolved:
ethtool: strset: fix message...
High
Unreviewed
CVE-2021-47241
was published
May 21, 2024
The Frontend Registration – Contact Form 7 plugin for WordPress is vulnerable to privilege...
High
Unreviewed
CVE-2024-4870
was published
Jun 4, 2024
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-35700
was published
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API