Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,305 advisories

Loading
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed
CVE-2024-8853 was published Sep 20, 2024
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure... High Unreviewed
CVE-2024-45752 was published Sep 19, 2024
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission Low
CVE-2024-46989 was published for github.com/authzed/spicedb (Go) Sep 18, 2024
tim-mod
OpenShift Controller Manager Improper Privilege Management Critical
CVE-2024-45496 was published for github.com/openshift/openshift-controller-manager (Go) Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and... High Unreviewed
CVE-2024-44147 was published Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may... High Unreviewed
CVE-2024-40861 was published Sep 17, 2024
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music... High Unreviewed
CVE-2024-42798 was published Sep 16, 2024
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2024-6482 was published Sep 16, 2024
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for... High Unreviewed
CVE-2024-8246 was published Sep 16, 2024
An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A vulnerability has been... High Unreviewed
CVE-2024-39924 was published Sep 13, 2024
An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. It lacks an offboarding... High Unreviewed
CVE-2024-39925 was published Sep 13, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to... High Unreviewed
CVE-2024-7960 was published Sep 12, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The... High Unreviewed
CVE-2024-8533 was published Sep 12, 2024
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix... Moderate Unreviewed
CVE-2024-7890 was published Sep 12, 2024
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of... High Unreviewed
CVE-2024-5760 was published Sep 11, 2024
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access,... High Unreviewed
CVE-2024-8306 was published Sep 11, 2024
In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper... High Unreviewed
CVE-2024-40662 was published Sep 11, 2024
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-40658 was published Sep 11, 2024
In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable... High Unreviewed
CVE-2024-40657 was published Sep 11, 2024
An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to... Critical Unreviewed
CVE-2024-44893 was published Sep 10, 2024
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38014 was published Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-37980 was published Sep 10, 2024
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A... Moderate Unreviewed
CVE-2024-39574 was published Sep 10, 2024
External Secrets Operator vulnerable to privilege escalation High
CVE-2024-45041 was published for github.com/external-secrets/external-secrets (Go) Sep 9, 2024
younaman
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to... Critical Unreviewed
CVE-2024-7493 was published Sep 6, 2024
ProTip! Advisories are also available from the GraphQL API