GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
888 advisories
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate | Unreviewed | CVE-2024-5907 was published Jun 12, 2024
An improper privilege management vulnerability exists in Tenable Security Center where an...
Moderate | Unreviewed | CVE-2024-5759 was published Jun 12, 2024
A vulnerability has been identified in Mendix Applications using Mendix 10 (All versions < V10.11...
Moderate | Unreviewed | CVE-2024-33500 was published Jun 11, 2024
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows...
Moderate | Unreviewed | CVE-2024-37364 was published Jun 6, 2024
Privilege Escalation in TYPO3 CMS
Moderate | GHSA-v5jp-4h2p-j2p4 was published for typo3/cms (Composer) Jun 5, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the SUID...
Moderate | Unreviewed | CVE-2024-29975 was published Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** The improper privilege management vulnerability in the command ...
Moderate | Unreviewed | CVE-2024-29976 was published Jun 4, 2024
TYPO3 Broken Access Control in Localization Handling
Moderate | GHSA-9rx9-7fmh-gj3g was published for typo3/cms-core (Composer) May 30, 2024
Improper Privilege Management vulnerability in Salon Booking System Salon booking system allows...
Moderate | Unreviewed | CVE-2023-48319 was published May 17, 2024
Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024...
Moderate | Unreviewed | CVE-2023-45320 was published May 16, 2024
Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an...
Moderate | Unreviewed | CVE-2023-40155 was published May 16, 2024
Reportico Web fails to invalidate cookies upon logout
Moderate | CVE-2024-31556 was published for reportico-web/reportico (Composer) May 14, 2024
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with...
Moderate | Unreviewed | CVE-2024-31953 was published May 14, 2024
Neo4j Cypher component mishandles IMMUTABLE privileges
Moderate | CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) May 7, 2024
In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic...
Moderate | Unreviewed | CVE-2024-20021 was published May 6, 2024
Jenkins Git server Plugin does not perform a permission check
Moderate | CVE-2024-34146 was published for org.jenkins-ci.plugins:git-server (Maven) May 2, 2024
An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute...
Moderate | Unreviewed | CVE-2024-33393 was published May 1, 2024
By default, SANnav OVA is shipped with root user login enabled. While protected by a password,...
Moderate | Unreviewed | CVE-2024-2859 was published Apr 27, 2024
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that...
Moderate | Unreviewed | CVE-2024-3470 was published Apr 19, 2024
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an...
Moderate | Unreviewed | CVE-2024-3388 was published Apr 10, 2024
Improper privilege management in the installer for Zoom Desktop Client for Windows before version...
Moderate | Unreviewed | CVE-2024-24694 was published Apr 9, 2024
Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5...
Moderate | Unreviewed | CVE-2024-27247 was published Apr 9, 2024
Permission verification vulnerability in the system module. Impact: Successful exploitation of...
Moderate | Unreviewed | CVE-2023-52543 was published Apr 8, 2024
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid...
Moderate | Unreviewed | CVE-2024-20282 was published Apr 3, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management...
Moderate | Unreviewed | CVE-2024-25961 was published Mar 28, 2024
ProTip! Advisories are also available from the GraphQL API.