Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,370 advisories

Loading
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9941 was published Nov 23, 2024
Kanister vulnerable to cluster-level privilege escalation Moderate
CVE-2024-43403 was published for github.com/kanisterio/kanister (Go) Aug 20, 2024
younaman hairyhum
Grafana's users with permissions to create a data source can CRUD all data sources High
CVE-2024-1442 was published for github.com/grafana/grafana (Go) Mar 7, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9479 was published Nov 20, 2024
Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege... Critical Unreviewed
CVE-2024-9478 was published Nov 20, 2024
Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider Moderate
CVE-2024-31141 was published for org.apache.kafka:kafka-clients (Maven) Nov 19, 2024
Tryton Information Disclosure Vulnerability Moderate
CVE-2017-0360 was published for trytond (pip) May 13, 2022
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow... Moderate Unreviewed
CVE-2020-26063 was published Nov 18, 2024
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission Moderate
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024
tim-mod
OpenShift Controller Manager Improper Privilege Management Moderate
CVE-2024-45496 was published for github.com/openshift/openshift-controller-manager (Go) Sep 17, 2024
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access High
CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024
Apache Linkis vulnerable to privilege escalation High
CVE-2024-27181 was published for org.apache.linkis:linkis (Maven) Aug 2, 2024
Harbor fails to validate the user permissions when updating project configurations High
CVE-2024-22278 was published for github.com/goharbor/harbor (Go) Jul 31, 2024
Calico privilege escalation vulnerability High
CVE-2024-33522 was published for github.com/projectcalico/calico (Go) Apr 30, 2024
Improper Access Control in Apache Airflow High
CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021
sunSUNQ
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9192 was published Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by... High Unreviewed
CVE-2024-9500 was published Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to... High Unreviewed
CVE-2024-11206 was published Nov 14, 2024
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-21914 was published Jan 12, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-21954 was published Jan 12, 2022
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique... High Unreviewed
CVE-2022-21916 was published Jan 12, 2022
Windows Kerberos Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21920 was published Jan 12, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-21970 was published Jan 12, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21919 was published Jan 12, 2022
Windows Storage Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21875 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database