GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
889 advisories
Filter by severity
In increment_annotation_count of stats_event.c, there is a possible out of bounds write due to a...
Moderate
Unreviewed
CVE-2024-31311
was published
Jul 9, 2024
Cross-process screen stack vulnerability in the UIExtension module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-54110
was published
Dec 12, 2024
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows...
Moderate
Unreviewed
CVE-2023-21513
was published
Jun 28, 2023
Podman affected by CVE-2024-1753 container escape at build time
Moderate
CVE-2024-1753
was published
for
github.com/containers/podman/v4
(Go)
Mar 28, 2024
A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC)...
Moderate
Unreviewed
CVE-2021-1477
was published
May 24, 2022
Withdrawn Advisory: Kanister vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-43403
was published
for
github.com/kanisterio/kanister
(Go)
Aug 20, 2024
•
withdrawn
Apache Kafka Clients: Privilege escalation to filesystem read-access via automatic ConfigProvider
Moderate
CVE-2024-31141
was published
for
org.apache.kafka:kafka-clients
(Maven)
Nov 19, 2024
Tryton Information Disclosure Vulnerability
Moderate
CVE-2017-0360
was published
for
trytond
(pip)
May 13, 2022
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow...
Moderate
Unreviewed
CVE-2020-26063
was published
Nov 18, 2024
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission
Moderate
CVE-2024-46989
was published
for
github.com/authzed/spicedb
(Go)
Sep 18, 2024
OpenShift Controller Manager Improper Privilege Management
Moderate
CVE-2024-45496
was published
for
github.com/openshift/openshift-controller-manager
(Go)
Sep 17, 2024
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from...
Moderate
Unreviewed
CVE-2022-21954
was published
Jan 12, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from...
Moderate
Unreviewed
CVE-2022-21970
was published
Jan 12, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881.
Moderate
Unreviewed
CVE-2022-21879
was published
Jan 12, 2022
Privilege escalation to NetworkService Account access in Citrix Session Recording when an...
Moderate
Unreviewed
CVE-2024-8068
was published
Nov 12, 2024
Permission verification vulnerability in the system module.
Impact: Successful exploitation of...
Moderate
Unreviewed
CVE-2023-52543
was published
Apr 8, 2024
Access control vulnerable to user data deletion by anonynmous users
Moderate
CVE-2024-51734
was published
for
AccessControl
(pip)
Nov 4, 2024
Input parameter verification vulnerability in the background service module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-51521
was published
Nov 5, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate
Unreviewed
CVE-2024-20374
was published
Oct 23, 2024
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
Moderate
Unreviewed
CVE-2024-7890
was published
Sep 12, 2024
Sentry vulnerable to invite code reuse via cookie manipulation
Moderate
CVE-2022-23485
was published
for
sentry
(pip)
Dec 12, 2022
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit...
Moderate
Unreviewed
CVE-2024-45461
was published
Oct 16, 2024
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for...
Moderate
Unreviewed
CVE-2023-25535
was published
Oct 17, 2024
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software...
Moderate
Unreviewed
CVE-2024-9471
was published
Oct 9, 2024
Improper privilege management in pyftpdlib
Moderate
CVE-2007-6741
was published
for
pyftpdlib
(pip)
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API