GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,131 advisories
Filter by severity
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow...
Moderate
Unreviewed
CVE-2020-26063
was published
Nov 18, 2024
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9192
was published
Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by...
High
Unreviewed
CVE-2024-9500
was published
Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to...
High
Unreviewed
CVE-2024-11206
was published
Nov 14, 2024
Privilege escalation to NetworkService Account access in Citrix Session Recording when an...
Moderate
Unreviewed
CVE-2024-8068
was published
Nov 12, 2024
Improper Privilege Management vulnerability in Nomysoft Informatics Nomysem allows Collect Data...
Critical
Unreviewed
CVE-2024-8074
was published
Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an...
High
Unreviewed
CVE-2024-49558
was published
Nov 12, 2024
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege...
High
Unreviewed
CVE-2024-24409
was published
Nov 8, 2024
A GitHub App installed in organizations could upgrade some permissions from read to write access...
High
Unreviewed
CVE-2024-8810
was published
Nov 8, 2024
Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on...
High
Unreviewed
CVE-2024-8424
was published
Nov 8, 2024
Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are...
High
Unreviewed
CVE-2024-10203
was published
Nov 7, 2024
Input parameter verification vulnerability in the background service module
Impact: Successful...
Moderate
Unreviewed
CVE-2024-51521
was published
Nov 5, 2024
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in...
High
Unreviewed
CVE-2024-7473
was published
Oct 29, 2024
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Moderate
Unreviewed
CVE-2024-20374
was published
Oct 23, 2024
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for...
Moderate
Unreviewed
CVE-2023-25535
was published
Oct 17, 2024
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit...
Moderate
Unreviewed
CVE-2024-45461
was published
Oct 16, 2024
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access,...
High
Unreviewed
CVE-2024-9002
was published
Oct 11, 2024
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800...
Moderate
Unreviewed
CVE-2024-22068
was published
Oct 10, 2024
The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
Critical
Unreviewed
CVE-2024-9518
was published
Oct 10, 2024
In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API...
Moderate
Unreviewed
CVE-2024-7048
was published
Oct 10, 2024
VMware NSX contains a local privilege escalation vulnerability.
An authenticated malicious...
Moderate
Unreviewed
CVE-2024-38818
was published
Oct 9, 2024
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software...
Moderate
Unreviewed
CVE-2024-9471
was published
Oct 9, 2024
A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege...
Critical
Unreviewed
CVE-2024-3057
was published
Oct 8, 2024
A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate...
Moderate
Unreviewed
CVE-2024-45919
was published
Oct 7, 2024
An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing...
Moderate
Unreviewed
CVE-2024-44439
was published
Oct 4, 2024
ProTip!
Advisories are also available from the
GraphQL API