GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
28 advisories
Filter by severity
Possible improper input validation Vulnerability
in iManager has been discovered in
OpenText™...
Moderate
Unreviewed
CVE-2021-38118
was published
Nov 22, 2024
A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of...
Moderate
Unreviewed
CVE-2024-51722
was published
Nov 12, 2024
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2...
Moderate
Unreviewed
CVE-2024-47903
was published
Oct 23, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20420
was published
Oct 16, 2024
open-webui Insecure Direct Object Reference (IDOR) vulnerability
Moderate
CVE-2024-7041
was published
for
open-webui
(pip)
Oct 9, 2024
A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-9473
was published
Oct 9, 2024
Local active protection service settings manipulation due to unnecessary privileges assignment....
Moderate
Unreviewed
CVE-2024-8903
was published
Sep 23, 2024
OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer
Moderate
CVE-2024-7387
was published
for
github.com/openshift/builder
(Go)
Sep 17, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated...
Moderate
Unreviewed
CVE-2024-5623
was published
Aug 29, 2024
A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure...
Moderate
Unreviewed
CVE-2024-20478
was published
Aug 28, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary...
Moderate
Unreviewed
CVE-2024-32853
was published
Jul 2, 2024
The Toshiba printers do not implement privileges separation. As for the affected products/models...
Moderate
Unreviewed
CVE-2024-27146
was published
Jun 14, 2024
Submariner Operator sets unnecessary RBAC permissions in helm charts
Moderate
CVE-2024-5042
was published
for
github.com/submariner-io/submariner-operator
(Go)
May 17, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary...
Moderate
Unreviewed
CVE-2024-25967
was published
May 14, 2024
A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive...
Moderate
Unreviewed
CVE-2023-42954
was published
Mar 22, 2024
A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser ...
Moderate
Unreviewed
CVE-2023-45592
was published
Mar 5, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster
Moderate
CVE-2023-30617
was published
for
github.com/openkruise/kruise
(Go)
Jan 5, 2024
This vulnerability allows local attackers to escalate privileges on affected installations of...
Moderate
Unreviewed
CVE-2023-6006
was published
Nov 14, 2023
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that...
Moderate
Unreviewed
CVE-2023-43018
was published
Nov 3, 2023
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are
susceptible to a...
Moderate
Unreviewed
CVE-2023-27312
was published
Oct 12, 2023
One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access...
Moderate
Unreviewed
CVE-2023-4003
was published
Sep 27, 2023
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation...
Moderate
Unreviewed
CVE-2023-20217
was published
Aug 17, 2023
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate...
Moderate
Unreviewed
CVE-2023-20210
was published
Jul 12, 2023
A vulnerability was found in the HCI sockets implementation due to a missing capability check in...
Moderate
Unreviewed
CVE-2023-2002
was published
May 26, 2023
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch...
Moderate
Unreviewed
CVE-2018-10872
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API