Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,141 advisories

Loading
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS... Moderate Unreviewed
CVE-2023-42924 was published Dec 12, 2023
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,... High Unreviewed
CVE-2023-49580 was published Dec 12, 2023
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform... Low Unreviewed
CVE-2023-49578 was published Dec 12, 2023
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on... Critical Unreviewed
CVE-2023-6593 was published Dec 12, 2023
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak... Moderate Unreviewed
CVE-2023-25648 was published Dec 14, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the... Critical Unreviewed
CVE-2023-46141 was published Dec 14, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG,... Critical Unreviewed
CVE-2023-0757 was published Dec 14, 2023
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows... High Unreviewed
CVE-2023-46142 was published Dec 14, 2023
A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing... Moderate Unreviewed
CVE-2023-7055 was published Dec 22, 2023
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular... Moderate Unreviewed
CVE-2023-41776 was published Jan 3, 2024
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected... High Unreviewed
CVE-2023-44120 was published Jan 9, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-21305 was published Jan 9, 2024
The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due... Moderate Unreviewed
CVE-2023-6883 was published Jan 11, 2024
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2023-6506 was published Jan 11, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate... High Unreviewed
CVE-2023-49257 was published Jan 12, 2024
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some... Moderate Unreviewed
CVE-2023-38541 was published Jan 19, 2024
Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter Moderate
CVE-2023-48714 was published for silverstripe/framework (Composer) Jan 23, 2024
Spring Cloud Contract vulnerable to local information disclosure Low
CVE-2024-22236 was published for org.springframework.cloud:spring-cloud-contract-shade (Maven) Jan 31, 2024
Privilege Escalation in HashiCorp Consul Moderate
CVE-2020-28053 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write... High Unreviewed
CVE-2024-22016 was published Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation... High Unreviewed
CVE-2020-24681 was published Feb 2, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... High Unreviewed
CVE-2023-47564 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database