Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,834 advisories

Loading
Privilege escalation in mk_tsm agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39... High Unreviewed
CVE-2023-6735 was published Jan 12, 2024
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0... High Unreviewed
CVE-2023-6740 was published Jan 12, 2024
An improper privilege management vulnerability [CWE-269] in a Fortinet FortiOS HA cluster version... High Unreviewed
CVE-2023-44250 was published Jan 10, 2024
IBM Db2 for Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a local user... High Unreviewed
CVE-2023-47145 was published Jan 7, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster Moderate
CVE-2023-30617 was published for github.com/openkruise/kruise (Go) Jan 5, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro Moderate Unreviewed
CVE-2023-41784 was published Jan 4, 2024
Craft CMS Privilege Escalation Moderate
CVE-2024-21622 was published for craftcms/cms (Composer) Jan 3, 2024
johnax0
Credited to johnax0
Arbitrary remote code execution within `wrangler dev` Workers sandbox Critical
CVE-2023-7080 was published for wrangler (npm) Jan 3, 2024
Lekensteyn
Credited to Lekensteyn
An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the add_user... Critical Unreviewed
CVE-2023-50921 was published Jan 3, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular... Moderate Unreviewed
CVE-2023-41776 was published Jan 3, 2024
 In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a     possible way to access... Critical Unreviewed
CVE-2023-48418 was published Jan 3, 2024
An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in... Critical Unreviewed
CVE-2023-48419 was published Jan 2, 2024
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS... High Unreviewed
CVE-2023-6998 was published Dec 30, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-51433 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... High Unreviewed
CVE-2023-51435 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51430 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-51429 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-23438 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-23429 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Moderate Unreviewed
CVE-2023-23427 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23430 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23428 was published Dec 29, 2023
A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd... Moderate Unreviewed
CVE-2023-7090 was published Dec 24, 2023
Improper privilege management allowed arbitrary workflows to be committed and run using an... Moderate Unreviewed
CVE-2023-6804 was published Dec 21, 2023
Improper privilege management in all versions of GitHub Enterprise Server allows users with... High Unreviewed
CVE-2023-46647 was published Dec 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database