Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,269
NuGet
760
pip
4,062
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,422 advisories

Loading
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a... High Unreviewed
CVE-2023-36628 was published Oct 3, 2023
Integrated application server for IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege... High Unreviewed
CVE-2023-40375 was published Sep 28, 2023
Permission control vulnerability in the MediaPlaybackController module. Successful exploitation... High Unreviewed
CVE-2023-41309 was published Sep 27, 2023
Vulnerability of unauthorized API access in the PMS module. Successful exploitation of this... High Unreviewed
CVE-2023-41301 was published Sep 25, 2023
Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler.... High Unreviewed
CVE-2023-43766 was published Sep 22, 2023
Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as... High Unreviewed
CVE-2023-4972 was published Sep 14, 2023
In updateList of NotificationAccessSettings.java, there is a possible way to hide approved... High Unreviewed
CVE-2023-35667 was published Sep 11, 2023
In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a... High Unreviewed
CVE-2023-35676 was published Sep 11, 2023
The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks... High Unreviewed
CVE-2023-4278 was published Sep 11, 2023
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a... High Unreviewed
CVE-2023-35674 was published Sep 11, 2023
SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to... High Unreviewed
CVE-2020-10129 was published Sep 6, 2023
A logic issue was addressed with improved state management. This issue is fixed in Pro Video... High Unreviewed
CVE-2023-29166 was published Sep 6, 2023
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An... High Unreviewed
CVE-2023-32426 was published Sep 6, 2023
BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig... High Unreviewed
CVE-2020-35593 was published Sep 5, 2023
KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a... High Unreviewed
CVE-2023-40918 was published Sep 5, 2023
Privilege Escalation on Linux/MacOS High
CVE-2023-28434 was published for github.com/minio/minio (Go) Sep 5, 2023
donatello harshavardhana
RicterZ
Credited to donatello, harshavardhana, and RicterZ
usememos/memos vulnerable to privilege escalation High
CVE-2023-4697 was published for github.com/usememos/memos (Go) Sep 1, 2023
Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed
CVE-2022-46869 was published Aug 31, 2023
Local privilege escalation due to insecure driver communication port permissions. The following... High Unreviewed
CVE-2023-41743 was published Aug 31, 2023
Local privilege escalation due to insecure driver communication port permissions. The following... High Unreviewed
CVE-2022-45451 was published Aug 31, 2023
The WP Project Manager plugin for WordPress is vulnerable to privilege escalation in versions up... High Unreviewed
CVE-2023-3636 was published Aug 31, 2023
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM),... High Unreviewed
CVE-2023-20266 was published Aug 30, 2023
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management... High Unreviewed
CVE-2023-32457 was published Aug 29, 2023
A privilege escalation vulnerability exists in the experimental policy mechanism in all active... High Unreviewed
CVE-2023-32559 was published Aug 24, 2023
An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain... High Unreviewed
CVE-2021-35309 was published Aug 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database