GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,348 advisories
Filter by severity
Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1712.
High
Unreviewed
CVE-2021-1719
was published
May 24, 2022
An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing...
Moderate
Unreviewed
CVE-2024-44439
was published
Oct 4, 2024
In readFrom of Uri.java, there is a possible bad URI permission grant due to improper input...
High
Unreviewed
CVE-2023-21272
was published
Aug 15, 2023
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into...
High
Unreviewed
CVE-2023-21269
was published
Aug 14, 2023
Rancher vulnerable to Privilege Escalation via manipulation of Secrets
Critical
CVE-2023-22647
was published
for
github.com/rancher/rancher
(Go)
Jun 6, 2023
VMware NSX contains a local privilege escalation vulnerability.
An authenticated malicious...
Moderate
Unreviewed
CVE-2024-38818
was published
Oct 9, 2024
In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API...
Moderate
Unreviewed
CVE-2024-7048
was published
Oct 10, 2024
The UserPlus plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
Critical
Unreviewed
CVE-2024-9518
was published
Oct 10, 2024
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800...
Moderate
Unreviewed
CVE-2024-22068
was published
Oct 10, 2024
Keycloak's admin API allows low privilege users to use administrative functions
High
CVE-2024-3656
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 11, 2024
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS...
High
Unreviewed
CVE-2023-6998
was published
Dec 30, 2023
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access,...
High
Unreviewed
CVE-2024-9002
was published
Oct 11, 2024
Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows...
High
Unreviewed
CVE-2023-30680
was published
Aug 10, 2023
Improper privilege management in pyftpdlib
Moderate
CVE-2007-6741
was published
for
pyftpdlib
(pip)
May 1, 2022
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software...
Moderate
Unreviewed
CVE-2024-9471
was published
Oct 9, 2024
Apache Spark vulnerable to Improper Privilege Management
Critical
CVE-2023-22946
was published
for
org.apache.spark:spark-core_2.12
(Maven)
Apr 17, 2023
Local users are able to execute scripts under root privileges.
High
Unreviewed
CVE-2021-42082
was published
Jul 10, 2023
Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core'
High
CVE-2023-32194
was published
for
github.com/rancher/rancher
(Go)
Feb 8, 2024
Rancher's External RoleTemplates can lead to privilege escalation
High
CVE-2023-32196
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for...
Moderate
Unreviewed
CVE-2023-25535
was published
Oct 17, 2024
In some rare cases, there is a password type validation missing in Revert Password check and for...
High
Unreviewed
CVE-2023-41972
was published
Mar 26, 2024
In Telerik Test Studio versions prior to
v2023.3.1330, a privilege elevation vulnerability has...
High
Unreviewed
CVE-2024-0833
was published
Jan 31, 2024
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit...
Moderate
Unreviewed
CVE-2024-45461
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API