GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,378 advisories
Filter by severity
Harbor fails to validate the user permissions when updating project configurations
High
CVE-2024-22278
was published
for
github.com/goharbor/harbor
(Go)
Jul 31, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40802
was published
Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40781
was published
Jul 30, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6...
High
Unreviewed
CVE-2024-27826
was published
Jul 30, 2024
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-37858
was published
Jul 29, 2024
RaspAP allows an attacker to escalate privileges
Critical
CVE-2024-41637
was published
for
billz/raspap-webgui
(Composer)
Jul 29, 2024
The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42050
was published
Jul 28, 2024
Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows...
High
Unreviewed
CVE-2023-50700
was published
Jul 26, 2024
An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements...
Moderate
Unreviewed
CVE-2024-27357
was published
Jul 26, 2024
The Argo CD web terminal session does not handle the revocation of user permissions properly
Moderate
CVE-2024-41666
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Jul 24, 2024
AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the...
High
Unreviewed
CVE-2020-11640
was published
Jul 23, 2024
The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3...
Moderate
Unreviewed
CVE-2024-1575
was published
Jul 23, 2024
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a...
Moderate
Unreviewed
CVE-2024-34457
was published
Jul 22, 2024
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate...
Moderate
Unreviewed
CVE-2024-6908
was published
Jul 19, 2024
Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management...
Moderate
Unreviewed
CVE-2024-30473
was published
Jul 18, 2024
Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an...
Moderate
Unreviewed
CVE-2023-40223
was published
Jul 18, 2024
A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the...
Critical
Unreviewed
CVE-2023-4976
was published
Jul 17, 2024
An improper privilege management vulnerability allowed users to migrate private repositories...
Moderate
Unreviewed
CVE-2024-5566
was published
Jul 17, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www...
Moderate
Unreviewed
CVE-2024-6325
was published
Jul 16, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low
Unreviewed
CVE-2024-6326
was published
Jul 16, 2024
Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows...
Moderate
Unreviewed
CVE-2024-39819
was published
Jul 15, 2024
Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege...
High
Unreviewed
CVE-2024-37560
was published
Jul 12, 2024
Improper Privilege Management vulnerability in NooTheme Jobmonster allows Privilege Escalation...
Critical
Unreviewed
CVE-2024-37927
was published
Jul 12, 2024
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
High
Unreviewed
CVE-2024-6286
was published
Jul 10, 2024
Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Virtual...
High
Unreviewed
CVE-2024-6151
was published
Jul 10, 2024
ProTip!
Advisories are also available from the
GraphQL API