GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
107 advisories
Local Privilege Escalation in PyInstaller
High. CVE-2019-16784 was published for PyInstaller (pip) on Jan 16, 2020.

Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
Moderate. CVE-2020-10684 was published for ansible (pip) on Apr 7, 2021.

Execution with Unnecessary Privileges in ipython
High. CVE-2022-21699 was published for ipython (pip) on Jan 21, 2022.

Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers
Moderate. CVE-2020-2023 was published for github.com/kata-containers/agent (Go) on Feb 15, 2022.

Authentication Bypass in keycloak
High. CVE-2020-27826 was published for org.keycloak:keycloak-core (Maven) on Mar 18, 2022.

A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could...
High, Unreviewed. CVE-2022-20676 was published on Apr 16, 2022.

In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation....
High, Unreviewed. CVE-2021-34591 was published on Apr 28, 2022.

The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does...
Moderate, Unreviewed. CVE-2018-10892 was published on May 13, 2022.

A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch...
Moderate, Unreviewed. CVE-2018-10872 was published on May 13, 2022.

It was discovered freeradius up to and including version 3.0.19 does not correctly configure...
High, Unreviewed. CVE-2019-10143 was published on May 24, 2022.

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`...
High, Unreviewed. CVE-2019-10147 was published on May 24, 2022.

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`...
High, Unreviewed. CVE-2019-10144 was published on May 24, 2022.

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`...
High, Unreviewed. CVE-2019-10145 was published on May 24, 2022.

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before...
High, Unreviewed. CVE-2019-10167 was published on May 24, 2022.

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges....
Low, Unreviewed. CVE-2019-15790 was published on May 24, 2022.

A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4)....
High, Unreviewed. CVE-2020-10056 was published on May 24, 2022.

The software performs an operation at a privilege level higher than the minimum level required,...
High, Unreviewed. CVE-2021-27454 was published on May 24, 2022.

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker...
High, Unreviewed. CVE-2021-1528 was published on May 24, 2022.

** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation vulnerability was discovered in Avaya Aura...
High, Unreviewed. CVE-2021-25650 was published on May 24, 2022.

** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation vulnerability was discovered in Avaya Aura...
High, Unreviewed. CVE-2021-25651 was published on May 24, 2022.

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM...
High, Unreviewed. CVE-2021-37174 was published on May 24, 2022.

In Eclipse Openj9 before version 0.29.0, the JVM does not throw IllegalAccessError for...
Critical, Unreviewed. CVE-2021-41035 was published on May 24, 2022.

Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with...
High, Unreviewed. CVE-2022-1744 was published on Jun 25, 2022.

An attacker may be able to execute malicious actions due to the lack of device access protections...
Critical, Unreviewed. CVE-2022-2634 was published on Aug 11, 2022.

Execution with Unnecessary Privileges in JupyterApp
High. CVE-2022-39286 was published for jupyter-core (pip) on Oct 26, 2022.
ProTip! Advisories are also available from the GraphQL API.