Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

84 advisories

Loading
A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account... Critical Unreviewed
CVE-2024-42024 was published Sep 7, 2024
Apache Airflow vulnerable to Execution with Unnecessary Privileges High
CVE-2024-45034 was published for apache-airflow (pip) Sep 7, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated... Moderate Unreviewed
CVE-2024-5623 was published Aug 29, 2024
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.... High Unreviewed
CVE-2024-5622 was published Aug 29, 2024
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure... Moderate Unreviewed
CVE-2024-20478 was published Aug 28, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application... High Unreviewed
CVE-2024-36398 was published Aug 13, 2024
Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a... Critical Unreviewed
CVE-2024-6913 was published Jul 22, 2024
A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated... High Unreviewed
CVE-2024-20435 was published Jul 17, 2024
A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected... Critical Unreviewed
CVE-2024-6834 was published Jul 17, 2024
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. ... High Unreviewed
CVE-2024-21184 was published Jul 17, 2024
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has... High Unreviewed
CVE-2024-35154 was published Jul 10, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary... Moderate Unreviewed
CVE-2024-32853 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... High Unreviewed
CVE-2023-30998 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... High Unreviewed
CVE-2023-30997 was published Jun 27, 2024
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS... Critical Unreviewed
CVE-2024-3330 was published Jun 27, 2024
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local... High Unreviewed
CVE-2024-31890 was published Jun 21, 2024
Attackers can then execute malicious files by enabling certain services of the printer via the... High Unreviewed
CVE-2024-3498 was published Jun 14, 2024
The Toshiba printers do not implement privileges separation. As for the affected products/models... Moderate Unreviewed
CVE-2024-27146 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27147 was published Jun 14, 2024
Toshiba printers use SNMP for configuration. Using the private community, it is possible to... Critical Unreviewed
CVE-2024-27143 was published Jun 14, 2024
NVIDIA vGPU software for Linux contains a vulnerability in the Virtual GPU Manager, where the... High Unreviewed
CVE-2024-0084 was published Jun 14, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.4, macOS... High Unreviewed
CVE-2024-23299 was published Jun 10, 2024
A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a... High Unreviewed
CVE-2023-38042 was published May 31, 2024
IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate... High Unreviewed
CVE-2024-35142 was published May 31, 2024
Submariner Operator sets unnecessary RBAC permissions in helm charts Moderate
CVE-2024-5042 was published for github.com/submariner-io/submariner-operator (Go) May 17, 2024
ProTip! Advisories are also available from the GraphQL API