GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,078 advisories
Filter by severity
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product...
High
Unreviewed
CVE-2024-22069
was published
Aug 8, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain...
High
Unreviewed
CVE-2024-43199
was published
Aug 7, 2024
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
Moderate
Unreviewed
CVE-2024-6359
was published
Aug 6, 2024
The JetFormBuilder plugin for WordPress is vulnerable to privilege escalation in all versions up...
High
Unreviewed
CVE-2024-7291
was published
Aug 3, 2024
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a...
High
Unreviewed
CVE-2024-33894
was published
Aug 2, 2024
Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows...
High
Unreviewed
CVE-2024-39633
was published
Aug 1, 2024
Improper Privilege Management vulnerability in IdeaBox PowerPack Pro for Elementor allows...
High
Unreviewed
CVE-2024-39634
was published
Aug 1, 2024
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule...
Critical
Unreviewed
CVE-2024-38770
was published
Aug 1, 2024
Improper Privilege Management vulnerability in WebAppick CTX Feed allows Privilege Escalation...
High
Unreviewed
CVE-2024-38775
was published
Aug 1, 2024
Improper Privilege Management vulnerability in WPForms, LLC. WPForms User Registration allows...
High
Unreviewed
CVE-2023-52209
was published
Aug 1, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40802
was published
Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40781
was published
Jul 30, 2024
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6...
High
Unreviewed
CVE-2024-27826
was published
Jul 30, 2024
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-37858
was published
Jul 29, 2024
The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42050
was published
Jul 28, 2024
An issue was discovered in WithSecure Elements Agent through 23.x for macOS, WithSecure Elements...
Moderate
Unreviewed
CVE-2024-27357
was published
Jul 26, 2024
Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows...
High
Unreviewed
CVE-2023-50700
was published
Jul 26, 2024
AdvaBuild uses a command queue to launch certain operations. An attacker who gains access to the...
High
Unreviewed
CVE-2020-11640
was published
Jul 23, 2024
The improper privilege management vulnerability in the Zyxel WBE660S firmware version 6.70(ACGG.3...
Moderate
Unreviewed
CVE-2024-1575
was published
Jul 23, 2024
On versions before 2.1.4, after a regular user successfully logs in, they can manually make a...
Moderate
Unreviewed
CVE-2024-34457
was published
Jul 22, 2024
Improper privilege management in Yugabyte Platform allows authenticated admin users to escalate...
Moderate
Unreviewed
CVE-2024-6908
was published
Jul 19, 2024
Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management...
Moderate
Unreviewed
CVE-2024-30473
was published
Jul 18, 2024
Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an...
Moderate
Unreviewed
CVE-2023-40223
was published
Jul 18, 2024
A flaw exists in Purity//FB whereby a local account is permitted to authenticate to the...
Critical
Unreviewed
CVE-2023-4976
was published
Jul 17, 2024
An improper privilege management vulnerability allowed users to migrate private repositories...
Moderate
Unreviewed
CVE-2024-5566
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API