Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,176 advisories

Loading
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-33499 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed
CVE-2024-30208 was published May 14, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices High Unreviewed
CVE-2024-1486 was published May 14, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU... High Unreviewed
CVE-2022-21819 was published Mar 12, 2022
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2023-51579 was published May 3, 2024
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-40516 was published May 3, 2024
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. Moderate Unreviewed
CVE-2022-48257 was published Jan 13, 2023
Froxlor Incorrect Access Control High
CVE-2018-12642 was published for froxlor/froxlor (Composer) May 13, 2022
Permissions bypass in KubeVirt Moderate
CVE-2020-1701 was published for kubevirt.io/kubevirt (Go) Jun 1, 2021
Jerome Gamez Firebase Admin SDK for PHP Incorrect Access Control vulnerability High
CVE-2018-1000025 was published for kreait/firebase-php (Composer) May 13, 2022
Moodle command execution vulnerability exists in the default legacy spellchecker plugin Critical
CVE-2021-21809 was published for moodle/moodle (Composer) May 24, 2022
Bolt Improper Access Control Moderate
CVE-2017-16754 was published for bolt/bolt (Composer) May 13, 2022
Drupal access bypass vulnerability Moderate
CVE-2017-6928 was published for drupal/core (Composer) May 13, 2022
LightSAML Incorrect Access Control vulnerability High
CVE-2018-1000165 was published for lightsaml/lightsaml (Composer) May 13, 2022
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities Moderate
CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
AndrewGMorgan
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3... Moderate Unreviewed
CVE-2024-22334 was published Apr 12, 2024
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed
CVE-2023-4228 was published Aug 24, 2023
Vulnerability of improper permission management in the displayengine module. Successful... Moderate Unreviewed
CVE-2023-41295 was published Sep 25, 2023
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART... High Unreviewed
CVE-2018-20007 was published May 24, 2022
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows... Moderate Unreviewed
CVE-2023-34797 was published Jun 15, 2023
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for... High Unreviewed
CVE-2020-36154 was published May 24, 2022
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows... High Unreviewed
CVE-2019-14935 was published May 24, 2022
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. Moderate Unreviewed
CVE-2022-43309 was published Apr 7, 2023
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels... Moderate Unreviewed
CVE-2021-3631 was published Mar 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database