GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
889 advisories
Filter by severity
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an improper privilege management...
Moderate
Unreviewed
CVE-2024-25961
was published
Mar 28, 2024
Podman affected by CVE-2024-1753 container escape at build time
Moderate
CVE-2024-1753
was published
for
github.com/containers/podman/v4
(Go)
Mar 28, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-26247
was published
Mar 23, 2024
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with...
Moderate
Unreviewed
CVE-2023-47715
was published
Mar 21, 2024
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that...
Moderate
Unreviewed
CVE-2024-1908
was published
Mar 21, 2024
Users with `create` but not `override` privileges can perform local sync
Moderate
CVE-2023-50726
was published
for
github.com/argoproj/argo-cd
(Go)
Mar 15, 2024
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the...
Moderate
Unreviewed
CVE-2024-2431
was published
Mar 13, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-2432
was published
Mar 13, 2024
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an...
Moderate
Unreviewed
CVE-2024-2433
was published
Mar 13, 2024
A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could...
Moderate
Unreviewed
CVE-2024-20262
was published
Mar 13, 2024
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds...
Moderate
Unreviewed
CVE-2024-25987
was published
Mar 11, 2024
In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of...
Moderate
Unreviewed
CVE-2024-25990
was published
Mar 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6...
Moderate
Unreviewed
CVE-2023-6477
was published
Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2...
Moderate
Unreviewed
CVE-2024-1250
was published
Feb 12, 2024
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client...
Moderate
Unreviewed
CVE-2024-23764
was published
Feb 8, 2024
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user...
Moderate
Unreviewed
CVE-2024-22239
was published
Feb 6, 2024
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion...
Moderate
Unreviewed
CVE-2023-28049
was published
Feb 6, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate
Unreviewed
CVE-2023-31005
was published
Feb 3, 2024
HashiCorp Vault Improper Privilege Management
Moderate
CVE-2020-10660
was published
for
github.com/hashicorp/vault
(Go)
Jan 30, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,...
Moderate
Unreviewed
CVE-2024-0674
was published
Jan 30, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow...
Moderate
Unreviewed
CVE-2023-5080
was published
Jan 19, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster
Moderate
CVE-2023-30617
was published
for
github.com/openkruise/kruise
(Go)
Jan 5, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro
Moderate
Unreviewed
CVE-2023-41784
was published
Jan 4, 2024
Craft CMS Privilege Escalation
Moderate
CVE-2024-21622
was published
for
craftcms/cms
(Composer)
Jan 3, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular...
Moderate
Unreviewed
CVE-2023-41776
was published
Jan 3, 2024
ProTip!
Advisories are also available from the
GraphQL API