GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
882 advisories
The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1,...
Moderate
Unreviewed
CVE-2023-42952 was published Feb 21, 2024
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor...
Moderate
Unreviewed
CVE-2024-22235 was published Feb 21, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2...
Moderate
Unreviewed
CVE-2024-1250 was published Feb 12, 2024
Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client...
Moderate
Unreviewed
CVE-2024-23764 was published Feb 8, 2024
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user...
Moderate
Unreviewed
CVE-2024-22239 was published Feb 6, 2024
Dell Command | Monitor, versions prior to 10.9, contain an arbitrary folder deletion...
Moderate
Unreviewed
CVE-2023-28049 was published Feb 6, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate
Unreviewed
CVE-2023-31005 was published Feb 3, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,...
Moderate
Unreviewed
CVE-2024-0674 was published Jan 30, 2024
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow...
Moderate
Unreviewed
CVE-2023-5080 was published Jan 19, 2024
Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro
Moderate
Unreviewed
CVE-2023-41784 was published Jan 4, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI. Attackers with regular...
Moderate
Unreviewed
CVE-2023-41776 was published Jan 3, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-51430 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-51429 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-23438 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-23427 was published Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Moderate
Unreviewed
CVE-2023-23429 was published Dec 29, 2023
A flaw was found in sudo in the handling of ipa_hostname, where ipa_hostname from /etc/sssd/sssd...
Moderate
Unreviewed
CVE-2023-7090 was published Dec 24, 2023
Improper privilege management allowed arbitrary workflows to be committed and run using an...
Moderate
Unreviewed
CVE-2023-6804 was published Dec 21, 2023
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4...
Moderate
Unreviewed
CVE-2023-3907 was published Dec 18, 2023
An issue was found in CPython 3.12.0 `subprocess` module on POSIX platforms. The issue was fixed...
Moderate
Unreviewed
CVE-2023-6507 was published Dec 8, 2023
There is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic...
Moderate
Unreviewed
CVE-2023-48406 was published Dec 8, 2023
An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability...
Moderate
Unreviewed
CVE-2023-45083 was published Dec 5, 2023
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series...
Moderate
Unreviewed
CVE-2023-5797 was published Nov 28, 2023
An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series...
Moderate
Unreviewed
CVE-2023-37925 was published Nov 28, 2023
An improper privilege management vulnerability in the hotspot feature of the Zyxel USG FLEX...
Moderate
Unreviewed
CVE-2023-5960 was published Nov 28, 2023
ProTip! Advisories are also available from the GraphQL API.