Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during... High Unreviewed
CVE-2024-32488 was published Apr 15, 2024
Mautic Sensitive Data Exposure due to inadequate user permission settings High
CVE-2022-25776 was published for mautic/core (Composer) Apr 12, 2024
lenonleite
Matrix IRC Bridge truncated content of messages can be leaked Moderate
CVE-2024-32000 was published for matrix-appservice-irc (npm) Apr 11, 2024
progval
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful... High Unreviewed
CVE-2023-52537 was published Apr 8, 2024
Vulnerability of insufficient permission verification in the app management module. Impact:... High Unreviewed
CVE-2024-30418 was published Apr 7, 2024
there is a possible way to bypass due to a logic error in the code. This could lead to local... High Unreviewed
CVE-2024-29748 was published Apr 5, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS... High Unreviewed
CVE-2023-42931 was published Mar 28, 2024
In some rare cases, there is a password type validation missing in Revert Password check and for... High Unreviewed
CVE-2023-41972 was published Mar 26, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before.... High Unreviewed
CVE-2024-22078 was published Mar 20, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The... Moderate Unreviewed
CVE-2024-22077 was published Mar 20, 2024
A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors.... Moderate Unreviewed
CVE-2024-0560 was published Feb 28, 2024
In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission... Critical Unreviewed
CVE-2024-1608 was published Feb 20, 2024
Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions Critical
CVE-2024-25108 was published for pixelfed/pixelfed (Composer) Feb 12, 2024
ThisIsMissEm nivenly-foundation
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in... High Unreviewed
CVE-2023-25543 was published Feb 6, 2024
Quarkus Improper Handling of Insufficient Permissions or Privileges and Improper Handling of Exceptional Conditions vulnerability High
CVE-2023-6267 was published for io.quarkus.resteasy.reactive:resteasy-reactive (Maven) Jan 25, 2024
Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers... Moderate Unreviewed
CVE-2023-6189 was published Nov 22, 2023
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an... High Unreviewed
CVE-2023-43591 was published Nov 15, 2023
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient... Moderate Unreviewed
CVE-2023-43087 was published Nov 2, 2023
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker... Moderate Unreviewed
CVE-2023-32489 was published Aug 16, 2023
Missing access permissions checks in M-Files Client before 23.5.12598.0 allows elevation of... High Unreviewed
CVE-2023-2480 was published May 25, 2023
Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 ... Moderate Unreviewed
CVE-2023-2020 was published Apr 18, 2023
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer... High Unreviewed
CVE-2023-0181 was published Apr 1, 2023
Apiman vulnerable to permissions bypass due to missing check on API key URL Moderate
CVE-2023-28640 was published for io.apiman:apiman-manager-api-rest-impl (Maven) Mar 27, 2023
volkflo
`cilium-cli` disables etcd authorization for clustermesh clusters Moderate
CVE-2023-28114 was published for github.com/cilium/cilium-cli (Go) Mar 21, 2023
giorio94
Xuxueli xxl-job allows attacker to obtain sensitive information via the pageList parameter High
CVE-2023-27087 was published for com.xuxueli:xxl-job (Maven) Mar 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database