Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,831 advisories

Loading
Delegated Admin Privilege virtual attribute provider plugin, when enabled, allows an... High Unreviewed
CVE-2023-36496 was published Feb 2, 2024
Minio unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation High
CVE-2024-24747 was published for github.com/minio/minio (Go) Feb 1, 2024
NiklasBeierl xSke
donatello
Credited to NiklasBeierl, xSke, and donatello
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and... High Unreviewed
CVE-2024-21888 was published Jan 31, 2024
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been... High Unreviewed
CVE-2024-0219 was published Jan 31, 2024
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been... High Unreviewed
CVE-2024-0832 was published Jan 31, 2024
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has... High Unreviewed
CVE-2024-0833 was published Jan 31, 2024
HashiCorp Vault Improper Privilege Management Moderate
CVE-2020-10660 was published for github.com/hashicorp/vault (Go) Jan 30, 2024
andrewpollock
Credited to andrewpollock
HashiCorp Vault Improper Privilege Management Critical
CVE-2020-10661 was published for github.com/hashicorp/vault (Go) Jan 30, 2024
andrewpollock
Credited to andrewpollock
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
ONTAP 9 versions prior to 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible... High Unreviewed
CVE-2024-21985 was published Jan 26, 2024
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation.... High Unreviewed
CVE-2024-23620 was published Jan 26, 2024
An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to... Critical Unreviewed
CVE-2024-22922 was published Jan 26, 2024
An issue in Coign CRM Portal v.06.06 allows a remote attacker to escalate privileges via the... High Unreviewed
CVE-2023-43317 was published Jan 24, 2024
An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local... High Unreviewed
CVE-2023-52093 was published Jan 23, 2024
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud... High Unreviewed
CVE-2023-52337 was published Jan 23, 2024
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent... High Unreviewed
CVE-2023-47201 was published Jan 23, 2024
A malicious devtools extension could have been used to escalate privileges. This vulnerability... High Unreviewed
CVE-2024-0751 was published Jan 23, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow... Moderate Unreviewed
CVE-2023-5080 was published Jan 19, 2024
The nearby module has a privilege escalation vulnerability. Successful exploitation of this... High Unreviewed
CVE-2023-52105 was published Jan 16, 2024
Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this... High Unreviewed
CVE-2023-52114 was published Jan 16, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0... High Unreviewed
CVE-2023-6740 was published Jan 12, 2024
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version... High Unreviewed
CVE-2023-44250 was published Jan 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database