GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,017 advisories
Filter by severity
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-21431
was published
Mar 12, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions...
Moderate
Unreviewed
CVE-2024-28163
was published
Mar 12, 2024
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to...
Moderate
Unreviewed
CVE-2024-25645
was published
Mar 12, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access...
Moderate
Unreviewed
CVE-2024-25644
was published
Mar 12, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical
Unreviewed
CVE-2024-21915
was published
Feb 16, 2024
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL...
Moderate
Unreviewed
CVE-2024-24740
was published
Feb 13, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to...
High
Unreviewed
CVE-2023-47564
was published
Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation...
High
Unreviewed
CVE-2020-24681
was published
Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write...
High
Unreviewed
CVE-2024-22016
was published
Feb 2, 2024
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some...
Moderate
Unreviewed
CVE-2023-38541
was published
Jan 19, 2024
Permission management vulnerability in the multi-screen interaction module. Successful...
High
Unreviewed
CVE-2023-52116
was published
Jan 16, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful...
High
Unreviewed
CVE-2023-52107
was published
Jan 16, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate...
High
Unreviewed
CVE-2023-49257
was published
Jan 12, 2024
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2023-6506
was published
Jan 11, 2024
The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due...
Moderate
Unreviewed
CVE-2023-6883
was published
Jan 11, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-21305
was published
Jan 9, 2024
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected...
High
Unreviewed
CVE-2023-44120
was published
Jan 9, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular...
Moderate
Unreviewed
CVE-2023-41776
was published
Jan 3, 2024
A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing...
Moderate
Unreviewed
CVE-2023-7055
was published
Dec 22, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the...
Critical
Unreviewed
CVE-2023-46141
was published
Dec 14, 2023
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows...
High
Unreviewed
CVE-2023-46142
was published
Dec 14, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG,...
Critical
Unreviewed
CVE-2023-0757
was published
Dec 14, 2023
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak...
Moderate
Unreviewed
CVE-2023-25648
was published
Dec 14, 2023
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on...
Critical
Unreviewed
CVE-2023-6593
was published
Dec 12, 2023
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low
Unreviewed
CVE-2023-49578
was published
Dec 12, 2023
ProTip!
Advisories are also available from the
GraphQL API