Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,822 advisories

Loading
Improper Privilege Management vulnerability in favethemes Houzez Login Register allows Privilege... Critical Unreviewed
CVE-2023-26009 was published May 17, 2024
Improper input validation in PfrSmiUpdateFw driver in UEFI firmware for some Intel(R) Server... High Unreviewed
CVE-2024-24981 was published May 16, 2024
Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an... High Unreviewed
CVE-2024-21813 was published May 16, 2024
Uncontrolled search path element in some Intel(R) VTune(TM) Profiler software before version 2024... Moderate Unreviewed
CVE-2023-45320 was published May 16, 2024
Uncontrolled search path for some Intel(R) CST software before version 2.1.10300 may allow an... Moderate Unreviewed
CVE-2023-40155 was published May 16, 2024
Grav Vulnerable to Arbitrary File Read to Account Takeover High
CVE-2024-34082 was published for getgrav/grav (Composer) May 15, 2024
richighimi
Credited to richighimi
Improper Privilege Management vulnerability in Teplitsa of social technologies Leyka allows... High Unreviewed
CVE-2023-33327 was published May 15, 2024
Reportico Web fails to invalidate cookies upon logout Moderate
CVE-2024-31556 was published for reportico-web/reportico (Composer) May 14, 2024
Microsoft Brokering File System Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30007 was published May 14, 2024
All versions of EnterpriseDB Postgres Advanced Server (EPAS) from 15.0 prior to 15.7.0 and from... High Unreviewed
CVE-2024-4545 was published May 14, 2024
An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with... Moderate Unreviewed
CVE-2024-31953 was published May 14, 2024
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker... High Unreviewed
CVE-2024-22774 was published May 14, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an... High Unreviewed
CVE-2024-0096 was published May 14, 2024
NVIDIA ChatRTX for Windows contains a vulnerability in ChatRTX UI, where a user can cause an... High Unreviewed
CVE-2024-0097 was published May 14, 2024
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through... High Unreviewed
CVE-2024-3507 was published May 8, 2024
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with... High Unreviewed
CVE-2024-22264 was published May 8, 2024
In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to... High Unreviewed
CVE-2024-23713 was published May 7, 2024
In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible... High Unreviewed
CVE-2024-23710 was published May 7, 2024
In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce... High Unreviewed
CVE-2024-0024 was published May 7, 2024
Neo4j Cypher component mishandles IMMUTABLE privileges Moderate
CVE-2024-34517 was published for org.neo4j:neo4j-cypher (Maven) May 7, 2024
irene221b
Credited to irene221b
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for... Low Unreviewed
CVE-2024-29210 was published May 7, 2024
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180... High Unreviewed
CVE-2024-29150 was published May 7, 2024
In atf spm, there is a possible way to remap physical memory to virtual memory due to a logic... Moderate Unreviewed
CVE-2024-20021 was published May 6, 2024
piraeus-operator allows attacker to impersonate service account High
CVE-2024-33398 was published for github.com/piraeusdatastore/piraeus-operator/v2 (Go) May 3, 2024
Jenkins Git server Plugin does not perform a permission check Moderate
CVE-2024-34146 was published for org.jenkins-ci.plugins:git-server (Maven) May 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database