GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,106 advisories
Filter by severity
IBM Storage Defender - Resiliency Service 2.0 could allow a privileged user to perform...
High
Unreviewed
CVE-2023-50957
was published
Feb 10, 2024
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message...
High
Unreviewed
CVE-2023-26236
was published
Oct 5, 2023
ZITADEL's Service Users Deactivation not Working
High
CVE-2024-47000
was published
for
github.com/zitadel/zitadel/v2
(Go)
Sep 19, 2024
ZITADEL's User Grant Deactivation not Working
High
CVE-2024-46999
was published
for
github.com/zitadel/zitadel/v2
(Go)
Sep 19, 2024
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated user...
High
Unreviewed
CVE-2023-34118
was published
Jul 11, 2023
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated...
High
Unreviewed
CVE-2023-36537
was published
Jul 11, 2023
Local privilege escalation during installation due to improper soft link handling. The following...
High
Unreviewed
CVE-2022-46869
was published
Aug 31, 2023
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for...
High
Unreviewed
CVE-2023-34120
was published
Jun 13, 2023
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure...
High
Unreviewed
CVE-2024-45752
was published
Sep 19, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to...
High
Unreviewed
CVE-2024-7960
was published
Sep 12, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on...
High
Unreviewed
CVE-2013-0643
was published
May 14, 2022
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music...
High
Unreviewed
CVE-2024-42798
was published
Sep 16, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may...
High
Unreviewed
CVE-2024-40861
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-44147
was published
Sep 17, 2024
An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and...
High
Unreviewed
CVE-2023-43120
was published
Oct 16, 2023
Vulnerability in the Oracle Communications Convergence product of Oracle Communications...
High
Unreviewed
CVE-2023-21848
was published
Jan 18, 2023
Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported...
High
Unreviewed
CVE-2023-21896
was published
Apr 18, 2023
In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
High
Unreviewed
CVE-2022-22521
was published
Apr 28, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High
Unreviewed
CVE-2023-21990
was published
Apr 18, 2023
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High
Unreviewed
CVE-2023-21987
was published
Apr 18, 2023
Podman publishes a malicious image to public registries
High
CVE-2022-1227
was published
for
github.com/containers/podman/v3
(Go)
Apr 30, 2022
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all...
High
Unreviewed
CVE-2024-6482
was published
Sep 16, 2024
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for...
High
Unreviewed
CVE-2024-8246
was published
Sep 16, 2024
ProTip!
Advisories are also available from the
GraphQL API