GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
797 advisories
Filter by severity
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that...
Moderate
Unreviewed
CVE-2024-1908
was published
Mar 21, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-2432
was published
Mar 13, 2024
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an...
Moderate
Unreviewed
CVE-2024-2433
was published
Mar 13, 2024
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the...
Moderate
Unreviewed
CVE-2024-2431
was published
Mar 13, 2024
A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could...
Moderate
Unreviewed
CVE-2024-20262
was published
Mar 13, 2024
In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds...
Moderate
Unreviewed
CVE-2024-25987
was published
Mar 11, 2024
In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of...
Moderate
Unreviewed
CVE-2024-25990
was published
Mar 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.5 before 16.7.6...
Moderate
Unreviewed
CVE-2023-6477
was published
Feb 22, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2...
Moderate
Unreviewed
CVE-2024-1250
was published
Feb 12, 2024
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client...
Moderate
Unreviewed
CVE-2024-23764
was published
Feb 8, 2024
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user...
Moderate
Unreviewed
CVE-2024-22239
was published
Feb 6, 2024
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion...
Moderate
Unreviewed
CVE-2023-28049
was published
Feb 6, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate
Unreviewed
CVE-2023-31005
was published
Feb 3, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,...
Moderate
Unreviewed
CVE-2024-0674
was published
Jan 30, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow...
Moderate
Unreviewed
CVE-2023-5080
was published
Jan 19, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro
Moderate
Unreviewed
CVE-2023-41784
was published
Jan 4, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular...
Moderate
Unreviewed
CVE-2023-41776
was published
Jan 3, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-51430
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-51429
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-23429
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-23427
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-23438
was published
Dec 29, 2023
A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd...
Moderate
Unreviewed
CVE-2023-7090
was published
Dec 24, 2023
Improper privilege management allowed arbitrary workflows to be committed and run using an...
Moderate
Unreviewed
CVE-2023-6804
was published
Dec 21, 2023
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4...
Moderate
Unreviewed
CVE-2023-3907
was published
Dec 18, 2023
ProTip!
Advisories are also available from the
GraphQL API