Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,824 advisories

Loading
A command injection issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66... High Unreviewed
CVE-2023-40289 was published Mar 27, 2024
In some rare cases, there is a password type validation missing in Revert Password check and for... High Unreviewed
CVE-2023-41972 was published Mar 26, 2024
By leveraging the vulnerability, lower-privileged users of Content Manager can manipulate Content... High Unreviewed
CVE-2024-1973 was published Mar 26, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... High Unreviewed
CVE-2024-24892 was published Mar 25, 2024
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-26247 was published Mar 23, 2024
This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other... High Unreviewed
CVE-2024-2228 was published Mar 22, 2024
In the Windows installer in Atos Eviden CardOS API before 5.5.5.2811, Local Privilege Escalation... High Unreviewed
CVE-2023-41099 was published Mar 22, 2024
IBM Storage Protect Plus Server 10.1.0 through 10.1.16 could allow an authenticated user with... Moderate Unreviewed
CVE-2023-47715 was published Mar 21, 2024
An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote... Critical Unreviewed
CVE-2023-48902 was published Mar 21, 2024
An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that... Moderate Unreviewed
CVE-2024-1908 was published Mar 21, 2024
As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was... High Unreviewed
CVE-2024-2390 was published Mar 18, 2024
Improper Privilege Management in djangorestframework-simplejwt Low
CVE-2024-22513 was published for djangorestframework-simplejwt (pip) Mar 16, 2024
r3kumar dmdhrumilmistry
Credited to r3kumar and dmdhrumilmistry
Users with `create` but not `override` privileges can perform local sync Moderate
CVE-2023-50726 was published for github.com/argoproj/argo-cd (Go) Mar 15, 2024
crenshaw-dev
Credited to crenshaw-dev
An issue in NETGEAR-DGND4000 v.1.1.00.15_1.00.15 allows a remote attacker to escalate privileges... High Unreviewed
CVE-2023-50677 was published Mar 15, 2024
SQL injection vulnerability in FME Modules quickproducttable module for PrestaShop v.1.2.1 and... Critical Unreviewed
CVE-2024-28391 was published Mar 14, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-2432 was published Mar 13, 2024
An issue in the Palo Alto Networks GlobalProtect app enables a non-privileged user to disable the... Moderate Unreviewed
CVE-2024-2431 was published Mar 13, 2024
An improper authorization vulnerability in Palo Alto Networks Panorama software enables an... Moderate Unreviewed
CVE-2024-2433 was published Mar 13, 2024
A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2024-20262 was published Mar 13, 2024
The FTL Server component of TIBCO Software Inc.'s TIBCO FTL - Enterprise Edition contains a... High Unreviewed
CVE-2024-1138 was published Mar 12, 2024
Windows Error Reporting Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-26169 was published Mar 12, 2024
In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission bypass due to uninitialized... High Unreviewed
CVE-2024-27233 was published Mar 11, 2024
In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible way to access the file the... High Unreviewed
CVE-2024-27222 was published Mar 11, 2024
Android kernel allows Elevation of privilege. Critical Unreviewed
CVE-2024-27207 was published Mar 11, 2024
In strncpy of strncpy.c, there is a possible out of bounds write due to a missing bounds check.... High Unreviewed
CVE-2024-27224 was published Mar 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database