Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,106 advisories

Loading
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform... High Unreviewed
CVE-2023-50957 was published Feb 10, 2024
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message... High Unreviewed
CVE-2023-26236 was published Oct 5, 2023
ZITADEL's Service Users Deactivation not Working High
CVE-2024-47000 was published for github.com/zitadel/zitadel/v2 (Go) Sep 19, 2024
livio-a fforootd
ZITADEL's User Grant Deactivation not Working High
CVE-2024-46999 was published for github.com/zitadel/zitadel/v2 (Go) Sep 19, 2024
livio-a fforootd
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated user... High Unreviewed
CVE-2023-34118 was published Jul 11, 2023
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated... High Unreviewed
CVE-2023-36537 was published Jul 11, 2023
Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed
CVE-2022-46869 was published Aug 31, 2023
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for... High Unreviewed
CVE-2023-34120 was published Jun 13, 2023
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure... High Unreviewed
CVE-2024-45752 was published Sep 19, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to... High Unreviewed
CVE-2024-7960 was published Sep 12, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The... High Unreviewed
CVE-2024-8533 was published Sep 12, 2024
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on... High Unreviewed
CVE-2013-0643 was published May 14, 2022
External Secrets Operator vulnerable to privilege escalation High
CVE-2024-45041 was published for github.com/external-secrets/external-secrets (Go) Sep 9, 2024
younaman
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music... High Unreviewed
CVE-2024-42798 was published Sep 16, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may... High Unreviewed
CVE-2024-40861 was published Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and... High Unreviewed
CVE-2024-44147 was published Sep 17, 2024
An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and... High Unreviewed
CVE-2023-43120 was published Oct 16, 2023
Vulnerability in the Oracle Communications Convergence product of Oracle Communications... High Unreviewed
CVE-2023-21848 was published Jan 18, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported... High Unreviewed
CVE-2023-21896 was published Apr 18, 2023
In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated... High Unreviewed
CVE-2022-22521 was published Apr 28, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2023-21990 was published Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ... High Unreviewed
CVE-2023-21987 was published Apr 18, 2023
Podman publishes a malicious image to public registries High
CVE-2022-1227 was published for github.com/containers/podman/v3 (Go) Apr 30, 2022
andrewpollock
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2024-6482 was published Sep 16, 2024
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for... High Unreviewed
CVE-2024-8246 was published Sep 16, 2024
ProTip! Advisories are also available from the GraphQL API