Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,419 advisories

Loading
Certain software builds for the TCL 20XE Android device contain a vulnerable, pre-installed app... High Unreviewed
CVE-2023-38292 was published Apr 22, 2024
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit ... High Unreviewed
CVE-2024-4018 was published Apr 19, 2024
Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit ... High Unreviewed
CVE-2024-4017 was published Apr 19, 2024
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are... High Unreviewed
CVE-2024-21989 was published Apr 17, 2024
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2024-21111 was published Apr 17, 2024
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The... High Unreviewed
CVE-2024-21059 was published Apr 17, 2024
Dusk plugin may allow unfettered user authentication in misconfigured installs High
CVE-2024-32003 was published for winter/wn-dusk-plugin (Composer) Apr 12, 2024
bennothommo
Credited to bennothommo
Windows Storage Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-29052 was published Apr 9, 2024
Microsoft Brokering File System Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-28904 was published Apr 9, 2024
Microsoft Brokering File System Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-28905 was published Apr 9, 2024
Microsoft Defender for IoT Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21324 was published Apr 9, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in the UI, where an attacker can cause... High Unreviewed
CVE-2024-0082 was published Apr 9, 2024
Vulnerability of starting activities in the background in the ActivityManagerService (AMS) module... High Unreviewed
CVE-2023-52716 was published Apr 7, 2024
An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local... High Unreviewed
CVE-2024-30977 was published Apr 5, 2024
In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the... High Unreviewed
CVE-2024-29741 was published Apr 5, 2024
Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as... High Unreviewed
CVE-2023-6522 was published Apr 5, 2024
ykman-gui (aka YubiKey Manager GUI) before 1.2.6 on Windows, when Edge is not used, allows... High Unreviewed
CVE-2024-31498 was published Apr 5, 2024
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper privilege management... High Unreviewed
CVE-2024-0172 was published Apr 3, 2024
UVDesk Community Helpdesk Improper Privilege Management High
CVE-2024-3137 was published for uvdesk/core-framework (Composer) Apr 2, 2024
Improper Privilege Management vulnerability in Apache Fineract.This issue affects Apache Fineract... High Unreviewed
CVE-2024-23537 was published Mar 29, 2024
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66... High Unreviewed
CVE-2023-40289 was published Mar 27, 2024
In some rare cases, there is a password type validation missing in Revert Password check and for... High Unreviewed
CVE-2023-41972 was published Mar 26, 2024
By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content... High Unreviewed
CVE-2024-1973 was published Mar 26, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... High Unreviewed
CVE-2024-24892 was published Mar 25, 2024
This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other... High Unreviewed
CVE-2024-2228 was published Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database