Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,776 advisories

Loading
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence. Moderate Unreviewed
CVE-2024-6359 was published Aug 6, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain... High Unreviewed
CVE-2024-43199 was published Aug 7, 2024
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product... High Unreviewed
CVE-2024-22069 was published Aug 8, 2024
Access permission verification vulnerability in the Notepad module Impact: Successful... Low Unreviewed
CVE-2024-42036 was published Aug 8, 2024
An Improper access control vulnerability was found in Avaya Aura System Manager which could allow... Moderate Unreviewed
CVE-2024-7480 was published Aug 8, 2024
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a... Moderate Unreviewed
CVE-2024-6758 was published Aug 12, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The zmmailboxdmgr binary, a... High Unreviewed
CVE-2024-27442 was published Aug 12, 2024
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via... High Unreviewed
CVE-2023-48171 was published Aug 12, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-41903 was published Aug 13, 2024
Improper Privilege Management vulnerability in realmag777 HUSKY allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-43121 was published Aug 13, 2024
Improper Privilege Management vulnerability in WofficeIO Woffice allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-43153 was published Aug 13, 2024
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network... Critical Unreviewed
CVE-2024-21807 was published Aug 14, 2024
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom... Moderate Unreviewed
CVE-2024-42440 was published Aug 14, 2024
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom... Moderate Unreviewed
CVE-2024-42441 was published Aug 14, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due... High Unreviewed
CVE-2024-34743 was published Aug 16, 2024
In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for... High Unreviewed
CVE-2024-34741 was published Aug 16, 2024
VTiger CRM <= 8.1.0 does not correctly check user privileges. A low-privileged user can interact... High Unreviewed
CVE-2024-42995 was published Aug 16, 2024
Microcks's POST /api/import and POST /api/export endpoints allow non-administrator access High
CVE-2024-44076 was published for io.github.microcks:microcks-app (Maven) Aug 19, 2024
Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege... Critical Unreviewed
CVE-2024-43240 was published Aug 19, 2024
Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This... Critical Unreviewed
CVE-2024-43245 was published Aug 19, 2024
Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege... Critical Unreviewed
CVE-2024-43311 was published Aug 19, 2024
In XWiki Platform, payloads stored in content is executed when a user with script/programming right edit them Critical
CVE-2024-43401 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Aug 19, 2024
floerer
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could... Critical Unreviewed
CVE-2024-33872 was published Aug 20, 2024
Withdrawn Advisory: Kanister vulnerable to cluster-level privilege escalation Moderate
CVE-2024-43403 was published for github.com/kanisterio/kanister (Go) Aug 20, 2024 withdrawn
younaman hairyhum
Dell Repository Manager version 3.4.2 and earlier, contain a Local Privilege Escalation... High Unreviewed
CVE-2023-22576 was published Aug 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database