GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,370 advisories
Filter by severity
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission
Moderate
CVE-2024-46989
was published
for
github.com/authzed/spicedb
(Go)
Sep 18, 2024
OpenShift Controller Manager Improper Privilege Management
Moderate
CVE-2024-45496
was published
for
github.com/openshift/openshift-controller-manager
(Go)
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 18 and...
High
Unreviewed
CVE-2024-44147
was published
Sep 17, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may...
High
Unreviewed
CVE-2024-40861
was published
Sep 17, 2024
An Incorrect Access Control vulnerability was found in /music/index.php?page=user_list and /music...
High
Unreviewed
CVE-2024-42798
was published
Sep 16, 2024
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for...
High
Unreviewed
CVE-2024-8246
was published
Sep 16, 2024
The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all...
High
Unreviewed
CVE-2024-6482
was published
Sep 16, 2024
An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. It lacks an offboarding...
High
Unreviewed
CVE-2024-39925
was published
Sep 13, 2024
An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A vulnerability has been...
High
Unreviewed
CVE-2024-39924
was published
Sep 13, 2024
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to...
High
Unreviewed
CVE-2024-7960
was published
Sep 12, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
Local privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
Moderate
Unreviewed
CVE-2024-7890
was published
Sep 12, 2024
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of...
High
Unreviewed
CVE-2024-5760
was published
Sep 11, 2024
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access,...
High
Unreviewed
CVE-2024-8306
was published
Sep 11, 2024
In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable...
High
Unreviewed
CVE-2024-40657
was published
Sep 11, 2024
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to...
High
Unreviewed
CVE-2024-40658
was published
Sep 11, 2024
In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper...
High
Unreviewed
CVE-2024-40662
was published
Sep 11, 2024
An issue in the component /jeecg-boot/jmreport/dict/list of JimuReport v1.7.8 allows attacker to...
Critical
Unreviewed
CVE-2024-44893
was published
Sep 10, 2024
Microsoft SQL Server Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-37980
was published
Sep 10, 2024
Windows Installer Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38014
was published
Sep 10, 2024
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A...
Moderate
Unreviewed
CVE-2024-39574
was published
Sep 10, 2024
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
The WPCOM Member plugin for WordPress is vulnerable to privilege escalation in all versions up to...
Critical
Unreviewed
CVE-2024-7493
was published
Sep 6, 2024
The Newsletters plugin for WordPress is vulnerable to privilege escalation in all versions up to,...
High
Unreviewed
CVE-2024-8247
was published
Sep 6, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Due to improper privilege...
High
Unreviewed
CVE-2024-45173
was published
Sep 5, 2024
ProTip!
Advisories are also available from the
GraphQL API