Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

137 advisories

Loading
Incorrect Privilege Assignment vulnerability in Madiri Salman Aashish Adding drop down roles in... Critical Unreviewed
CVE-2024-49217 was published Oct 17, 2024
The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed
CVE-2024-9863 was published Oct 17, 2024
Vault Community Edition privilege escalation vulnerability High
CVE-2024-9180 was published for github.com/hashicorp/vault (Go) Oct 10, 2024
The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an... High Unreviewed
CVE-2024-9519 was published Oct 10, 2024
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows... Moderate Unreviewed
CVE-2024-48941 was published Oct 10, 2024
This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for... High Unreviewed
CVE-2024-47653 was published Oct 4, 2024
The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low... Critical Unreviewed
CVE-2024-25660 was published Oct 1, 2024
A remote code execution (RCE) vulnerability in the component /admin/store.php of Emlog Pro before... Moderate Unreviewed
CVE-2024-46540 was published Sep 30, 2024
Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This... High Unreviewed
CVE-2024-21743 was published Sep 17, 2024
Incorrect Privilege Assignment vulnerability in favethemes Houzez houzez allows Privilege... High Unreviewed
CVE-2024-22303 was published Sep 17, 2024
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2024-8253 was published Sep 11, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow an authenticated user in a specifically defined role... High Unreviewed
CVE-2024-40681 was published Sep 7, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment... Moderate Unreviewed
CVE-2024-39579 was published Aug 31, 2024
Hwameistor Potential Permission Leakage of Cluster Level Moderate
CVE-2024-45054 was published for github.com/hwameistor/hwameistor (Go) Aug 29, 2024
younaman
Mage AI incorrectly gives privileges to users with deleted accounts Moderate
CVE-2024-45187 was published for mage-ai (pip) Aug 23, 2024
Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment... High Unreviewed
CVE-2024-39576 was published Aug 22, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2024-20466 was published Aug 21, 2024
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed... Critical Unreviewed
CVE-2024-28000 was published Aug 21, 2024
Grafana plugin data sources vulnerable to access control bypass Moderate
CVE-2024-6322 was published for github.com/grafana/grafana (Go) Aug 20, 2024
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19... High Unreviewed
CVE-2024-41139 was published Jul 29, 2024
Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate... High Unreviewed
CVE-2024-40433 was published Jul 27, 2024
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate... High Unreviewed
CVE-2024-36534 was published Jul 24, 2024
An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can... Critical Unreviewed
CVE-2024-23794 was published Jul 15, 2024
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM... High Unreviewed
CVE-2024-38278 was published Jul 9, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment... Moderate Unreviewed
CVE-2024-37132 was published Jul 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database