Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission Low
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024
tim-mod
Access permission verification vulnerability in the Notepad module Impact: Successful... Low Unreviewed
CVE-2024-42036 was published Aug 8, 2024
biscuit-auth vulnerable to public key confusion in third party block Low
CVE-2024-41949 was published for biscuit-auth (Rust) Jul 31, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for... Low Unreviewed
CVE-2024-29210 was published May 7, 2024
Improper Privilege Management in djangorestframework-simplejwt Low
CVE-2024-22513 was published for djangorestframework-simplejwt (pip) Mar 16, 2024
r3kumar dmdhrumilmistry
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-51433 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23428 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2023-23430 was published Dec 29, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an... Low Unreviewed
CVE-2023-6793 was published Dec 13, 2023
The FACSChorus software does not properly assign data access privileges for operating system user... Low Unreviewed
CVE-2023-29066 was published Nov 28, 2023
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows... Low Unreviewed
CVE-2023-30717 was published Sep 6, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to... Low Unreviewed
CVE-2023-25647 was published Aug 17, 2023
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar... Low Unreviewed
CVE-2023-21458 was published Mar 16, 2023
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1... Low Unreviewed
CVE-2022-4270 was published Dec 2, 2022
Byobu user preference to prevent private discussions being started are not respected Low
CVE-2022-35921 was published for fof/byobu (Composer) Aug 6, 2022
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22,... Low Unreviewed
CVE-2022-36832 was published Aug 6, 2022
An elevation of privilege vulnerability exists in Windows store installer where WindowsApps... Low Unreviewed
CVE-2019-1270 was published May 24, 2022
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a... Low Unreviewed
CVE-2021-31839 was published May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16852 was published May 24, 2022
Privilege Escalation vulnerability in the installer in McAfee McAfee Total Protection (MTP) trial... Low Unreviewed
CVE-2020-7310 was published May 24, 2022
An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on... Low Unreviewed
CVE-2020-1476 was published May 24, 2022
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file... Low Unreviewed
CVE-2020-1461 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM)... Low Unreviewed
CVE-2020-1405 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API