Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,140 advisories

Loading
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed
CVE-2024-49035 was published Nov 26, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9941 was published Nov 23, 2024
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file... High Unreviewed
CVE-2024-0353 was published Feb 15, 2024
Grafana's users with permissions to create a data source can CRUD all data sources High
CVE-2024-1442 was published for github.com/grafana/grafana (Go) Mar 7, 2024
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access High
CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024
Apache Linkis vulnerable to privilege escalation High
CVE-2024-27181 was published for org.apache.linkis:linkis (Maven) Aug 2, 2024
Harbor fails to validate the user permissions when updating project configurations High
CVE-2024-22278 was published for github.com/goharbor/harbor (Go) Jul 31, 2024
Calico privilege escalation vulnerability High
CVE-2024-33522 was published for github.com/projectcalico/calico (Go) Apr 30, 2024
Improper Access Control in Apache Airflow High
CVE-2021-26559 was published for apache-airflow (pip) Apr 7, 2021
sunSUNQ
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9192 was published Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by... High Unreviewed
CVE-2024-9500 was published Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to... High Unreviewed
CVE-2024-11206 was published Nov 14, 2024
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-21914 was published Jan 12, 2022
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique... High Unreviewed
CVE-2022-21916 was published Jan 12, 2022
Windows Kerberos Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21920 was published Jan 12, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21919 was published Jan 12, 2022
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21896 was published Jan 12, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21895 was published Jan 12, 2022
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21902 was published Jan 12, 2022
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is... High Unreviewed
CVE-2022-21885 was published Jan 12, 2022
Windows Storage Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21875 was published Jan 12, 2022
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique... High Unreviewed
CVE-2022-21897 was published Jan 12, 2022
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21882. High Unreviewed
CVE-2022-21887 was published Jan 12, 2022
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21884 was published Jan 12, 2022
Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21870 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database