GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,371 advisories
Filter by severity
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via...
High
Unreviewed
CVE-2023-48171
was published
Aug 12, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The zmmailboxdmgr binary, a...
High
Unreviewed
CVE-2024-27442
was published
Aug 12, 2024
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a...
Moderate
Unreviewed
CVE-2024-6758
was published
Aug 12, 2024
An Improper access control vulnerability was found in Avaya Aura System Manager which could allow...
Moderate
Unreviewed
CVE-2024-7480
was published
Aug 8, 2024
Access permission verification vulnerability in the Notepad module
Impact: Successful...
Low
Unreviewed
CVE-2024-42036
was published
Aug 8, 2024
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product...
High
Unreviewed
CVE-2024-22069
was published
Aug 8, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain...
High
Unreviewed
CVE-2024-43199
was published
Aug 7, 2024
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
Moderate
Unreviewed
CVE-2024-6359
was published
Aug 6, 2024
Juju's unprivileged user running on charm node can leak any secret or relation data accessible to the local charm
High
GHSA-6vjm-54vp-mxhx
was published
for
github.com/juju/juju
(Go)
Aug 5, 2024
The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up...
High
Unreviewed
CVE-2024-7291
was published
Aug 3, 2024
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a...
High
Unreviewed
CVE-2024-33894
was published
Aug 2, 2024
Apache Linkis vulnerable to privilege escalation
High
CVE-2024-27181
was published
for
org.apache.linkis:linkis
(Maven)
Aug 2, 2024
Improper Privilege Management vulnerability in IdeaBox PowerPack Pro for Elementor allows...
High
Unreviewed
CVE-2024-39634
was published
Aug 1, 2024
Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows...
High
Unreviewed
CVE-2024-39633
was published
Aug 1, 2024
Improper Privilege Management vulnerability in WebAppick CTX Feed allows Privilege Escalation...
High
Unreviewed
CVE-2024-38775
was published
Aug 1, 2024
Improper Privilege Management vulnerability in WPForms, LLC. WPForms User Registration allows...
High
Unreviewed
CVE-2023-52209
was published
Aug 1, 2024
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule...
Critical
Unreviewed
CVE-2024-38770
was published
Aug 1, 2024
biscuit-auth vulnerable to public key confusion in third party block
Low
CVE-2024-41949
was published
for
biscuit-auth
(Rust)
Jul 31, 2024
Harbor fails to validate the user permissions when updating project configurations
High
CVE-2024-22278
was published
for
github.com/goharbor/harbor
(Go)
Jul 31, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40802
was published
Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40781
was published
Jul 30, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6...
High
Unreviewed
CVE-2024-27826
was published
Jul 30, 2024
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-37858
was published
Jul 29, 2024
RaspAP allows an attacker to escalate privileges
Critical
CVE-2024-41637
was published
for
billz/raspap-webgui
(Composer)
Jul 29, 2024
The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42050
was published
Jul 28, 2024
ProTip!
Advisories are also available from the
GraphQL API