GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,154
Erlang: 30
GitHub Actions: 19
Go: 1,966
Maven: 5,000+
npm: 3,694
NuGet: 652
pip: 3,311
Pub: 11
RubyGems: 881
Rust: 831
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
99 advisories
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2...
Moderate | Unreviewed | CVE-2024-47903 was published Oct 23, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate | Unreviewed | CVE-2024-20420 was published Oct 16, 2024

open-webui Insecure Direct Object Reference (IDOR) vulnerability
Moderate | CVE-2024-7041 was published for open-webui (pip) Oct 9, 2024

A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate | Unreviewed | CVE-2024-9473 was published Oct 9, 2024

Winlogon Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-43583 was published Oct 8, 2024

Local active protection service settings manipulation due to unnecessary privileges assignment....
Moderate | Unreviewed | CVE-2024-8903 was published Sep 23, 2024

The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network...
High | Unreviewed | CVE-2024-38813 was published Sep 17, 2024

Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The...
Critical | Unreviewed | CVE-2024-8767 was published Sep 17, 2024

OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer
Critical | CVE-2024-7387 was published for github.com/openshift/builder (Go) Sep 17, 2024

A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information...
Critical | Unreviewed | CVE-2024-35783 was published Sep 10, 2024

A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account...
Critical | Unreviewed | CVE-2024-42024 was published Sep 7, 2024

Apache Airflow vulnerable to Execution with Unnecessary Privileges
High | CVE-2024-45034 was published for apache-airflow (pip) Sep 7, 2024

An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2....
High | Unreviewed | CVE-2024-5622 was published Aug 29, 2024

An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated...
Moderate | Unreviewed | CVE-2024-5623 was published Aug 29, 2024

A vulnerability in the software upgrade component of Cisco Application Policy Infrastructure...
Moderate | Unreviewed | CVE-2024-20478 was published Aug 28, 2024

A vulnerability has been identified in SINEC NMS (All versions < V3.0). The affected application...
High | Unreviewed | CVE-2024-36398 was published Aug 13, 2024

Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a...
Critical | Unreviewed | CVE-2024-6913 was published Jul 22, 2024

A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated...
High | Unreviewed | CVE-2024-20435 was published Jul 17, 2024

A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected...
Critical | Unreviewed | CVE-2024-6834 was published Jul 17, 2024

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. ...
High | Unreviewed | CVE-2024-21184 was published Jul 17, 2024

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has...
High | Unreviewed | CVE-2024-35154 was published Jul 10, 2024

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary...
Moderate | Unreviewed | CVE-2024-32853 was published Jul 2, 2024

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
High | Unreviewed | CVE-2023-30998 was published Jun 27, 2024

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
High | Unreviewed | CVE-2023-30997 was published Jun 27, 2024

Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS...
Critical | Unreviewed | CVE-2024-3330 was published Jun 27, 2024