Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,378 advisories

Loading
NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an... High Unreviewed
CVE-2024-0097 was published May 14, 2024
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through... High Unreviewed
CVE-2024-3507 was published May 8, 2024
In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to... High Unreviewed
CVE-2024-23713 was published May 7, 2024
In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce... High Unreviewed
CVE-2024-0024 was published May 7, 2024
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for... Low Unreviewed
CVE-2024-29210 was published May 7, 2024
Neo4j Cypher component mishandles IMMUTABLE privileges Moderate
CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) May 7, 2024
irene221b
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180... High Unreviewed
CVE-2024-29150 was published May 7, 2024
In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic... Moderate Unreviewed
CVE-2024-20021 was published May 6, 2024
piraeus-operator allows attacker to impersonate service account High
CVE-2024-33398 was published for github.com/piraeusdatastore/piraeus-operator/v2 (Go) May 3, 2024
Jenkins Git server Plugin does not perform a permission check Moderate
CVE-2024-34146 was published for org.jenkins-ci.plugins:git-server (Maven) May 2, 2024
An issue in spidernet-io spiderpool v.0.9.3 and before allows a local attacker to execute... Moderate Unreviewed
CVE-2024-33393 was published May 1, 2024
Privilege Escalation in WRSA.EXE in Webroot Antivirus 8.0.1X- 9.0.35.12 on Windows64 bit and 32... High Unreviewed
CVE-2023-7241 was published May 1, 2024
The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain... High Unreviewed
CVE-2024-23457 was published May 1, 2024
An issue with the Autodiscover component in Nagios XI 2024R1.01 allows a remote attacker to... Critical Unreviewed
CVE-2024-33775 was published May 1, 2024
An issue in TVS Motor Company Limited TVS Connet Android v.4.5.1 and iOS v.5.0.0 allows a remote... Critical Unreviewed
CVE-2024-33308 was published Apr 30, 2024
Calico privilege escalation vulnerability High
CVE-2024-33522 was published for github.com/projectcalico/calico (Go) Apr 30, 2024
An issue in SUPERAntiSyware Professional X 10.0.1262 and 10.0.1264 allows unprivileged attackers... High Unreviewed
CVE-2024-27518 was published Apr 29, 2024
By default, SANnav OVA is shipped with root user login enabled. While protected by a password,... Moderate Unreviewed
CVE-2024-2859 was published Apr 27, 2024
An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate... High Unreviewed
CVE-2024-31502 was published Apr 26, 2024
Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create... Critical Unreviewed
CVE-2024-25343 was published Apr 26, 2024
Privilege Escalation in kubevirt Critical
CVE-2020-14316 was published for kubevirt.io/kubevirt (Go) Apr 24, 2024
Improper Privilege Management vulnerability in Jacques Malgrange Rencontre – Dating Site allows... Critical Unreviewed
CVE-2023-51425 was published Apr 24, 2024
Certain software builds for the TCL 20XE Android device contain a vulnerable, pre-installed app... High Unreviewed
CVE-2023-38292 was published Apr 22, 2024
An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2024-32418 was published Apr 22, 2024
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit ... High Unreviewed
CVE-2024-4017 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database