Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

662 advisories

Loading
In firewall service, there is a missing permission check. This could lead to local escalation of... High Unreviewed
CVE-2022-47361 was published Feb 12, 2023
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers... High Unreviewed
CVE-2021-28375 was published May 24, 2022
An elevation of privilege vulnerability exists when reparse points are created by sandboxed... High Unreviewed
CVE-2019-1170 was published May 24, 2022
The Plus Addons for Elementor plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2021-4331 was published Mar 7, 2023
In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to... High Unreviewed
CVE-2023-21001 was published Mar 24, 2023
Missing authentication in ShenYu High
CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user... High Unreviewed
CVE-2023-0940 was published Mar 20, 2023
In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin... High Unreviewed
CVE-2023-20955 was published Mar 24, 2023
In AddSupervisedUserActivity, guest users are not prevented from starting the activity due to... High Unreviewed
CVE-2023-20959 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible... High Unreviewed
CVE-2023-21015 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible... High Unreviewed
CVE-2023-21005 was published Mar 24, 2023
In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is a possible way for the... High Unreviewed
CVE-2023-21021 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible... High Unreviewed
CVE-2023-21002 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible... High Unreviewed
CVE-2023-21003 was published Mar 24, 2023
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible... High Unreviewed
CVE-2023-21004 was published Mar 24, 2023
A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and classified as critical. This... High Unreviewed
CVE-2023-1632 was published Mar 25, 2023
The Gallery Blocks with Lightbox WordPress plugin before 3.0.8 has an AJAX endpoint that can be... High Unreviewed
CVE-2023-0441 was published Mar 27, 2023
MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component... High Unreviewed
CVE-2023-27701 was published Mar 28, 2023
The WCFM Marketplace plugin for WordPress is vulnerable to unauthorized modification and access... High Unreviewed
CVE-2022-4935 was published Apr 5, 2023
HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation High
CVE-2023-1782 was published for github.com/hashicorp/nomad (Go) Apr 5, 2023
Apache James server's JMX management service vulnerable to privilege escalation by local user High
CVE-2023-26269 was published for org.apache.james:javax-mail-extension (Maven) Apr 3, 2023
The WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and... High Unreviewed
CVE-2022-4937 was published Apr 5, 2023
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a... High Unreviewed
CVE-2019-18666 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Doorkeeper High
CVE-2020-10187 was published for doorkeeper (RubyGems) May 7, 2020
stefansundin nbulaj
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing... High Unreviewed
CVE-2017-7548 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database