Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

288 advisories

Loading
Apache Helix Front (UI) component contained a hard-coded secret High
CVE-2024-22281 was published for org.apache.helix:helix (Maven) Aug 21, 2024
TorchServe gRPC Port Exposure High
CVE-2024-35199 was published for torchserve (pip) Jul 18, 2024
Windows MSHTML Platform Spoofing Vulnerability High Unreviewed
CVE-2024-38112 was published Jul 9, 2024
malicious container creates symlink "mtab" on the host External High
CVE-2024-5154 was published for github.com/cri-o/cri-o (Go) Jun 4, 2024
eriksjolund
A local attacker with low privileges can read and modify any users files and cause a DoS in the... High Unreviewed
CVE-2023-5751 was published Jun 4, 2024
Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an... High Unreviewed
CVE-2024-21813 was published May 16, 2024
Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate... High Unreviewed
CVE-2023-6096 was published Apr 26, 2024
DIRAC: Unauthorized users can read proxy contents during generation High
CVE-2024-29905 was published for DIRAC (pip) Apr 9, 2024
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to... High Unreviewed
CVE-2024-3019 was published Mar 28, 2024
runc vulnerable to container breakout through process.cwd trickery and leaked fds High
CVE-2024-21626 was published for github.com/opencontainers/runc (Go) Jan 31, 2024
rmcnamara-snyk cyphar
lifubang
The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the... High Unreviewed
CVE-2023-7204 was published Jan 29, 2024
SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly... High Unreviewed
CVE-2023-39171 was published Dec 7, 2023
In telephony service, there is a possible missing permission check. This could lead to remote... High Unreviewed
CVE-2023-42717 was published Dec 4, 2023
In telephony service, there is a possible missing permission check. This could lead to remote... High Unreviewed
CVE-2023-42716 was published Dec 4, 2023
A vulnerability was found in insights-client. This security issue occurs because of insecure file... High Unreviewed
CVE-2023-3972 was published Nov 1, 2023
An issue in Univention UCS v.5.0 allows a local attacker to execute arbitrary code and gain... High Unreviewed
CVE-2023-38994 was published Oct 31, 2023
The Bluetooth module has a vulnerability in permission control for broadcast notifications... High Unreviewed
CVE-2023-44101 was published Oct 11, 2023
Remote Procedure Call Information Disclosure Vulnerability High Unreviewed
CVE-2023-36596 was published Oct 10, 2023
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ... High Unreviewed
CVE-2023-44122 was published Sep 27, 2023
** DISPUTED ** Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to... High Unreviewed
CVE-2023-43784 was published Sep 22, 2023
Cadence through 0.9.2 2023-08-21 uses an Insecure /tmp/cadence-wineasio.reg Temporary File. The... High Unreviewed
CVE-2023-43783 was published Sep 22, 2023
Minio vulnerable to Privilege Escalation on Windows via Path separator manipulation High
CVE-2023-28433 was published for github.com/minio/minio (Go) Sep 6, 2023
donatello harshavardhana
RicterZ
Vulnerability of input parameters being not strictly verified in the AMS module. Successful... High Unreviewed
CVE-2023-39383 was published Aug 13, 2023
An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients'... High Unreviewed
CVE-2023-38830 was published Aug 10, 2023
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated... High Unreviewed
CVE-2023-39214 was published Aug 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database