GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
67 advisories
Filter by severity
Apache Hadoop: Temporary File Local Information Disclosure
Low
CVE-2024-23454
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Sep 25, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low
Unreviewed
CVE-2024-6326
was published
Jul 16, 2024
SpiceDB having multiple caveats on resources of the same type may improperly result in no permission
Low
CVE-2024-46989
was published
for
github.com/authzed/spicedb
(Go)
Sep 18, 2024
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1...
Low
Unreviewed
CVE-2022-4270
was published
Dec 2, 2022
Access permission verification vulnerability in the Notepad module
Impact: Successful...
Low
Unreviewed
CVE-2024-42036
was published
Aug 8, 2024
biscuit-auth vulnerable to public key confusion in third party block
Low
CVE-2024-41949
was published
for
biscuit-auth
(Rust)
Jul 31, 2024
Improper Privilege Management in djangorestframework-simplejwt
Low
CVE-2024-22513
was published
for
djangorestframework-simplejwt
(pip)
Mar 16, 2024
A local privilege escalation (LPE) vulnerability has been identified in Phish Alert Button for...
Low
Unreviewed
CVE-2024-29210
was published
May 7, 2024
Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows...
Low
Unreviewed
CVE-2023-30717
was published
Sep 6, 2023
There is a permission and access control vulnerability in some ZTE mobile phones. Due to...
Low
Unreviewed
CVE-2023-25647
was published
Aug 17, 2023
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1...
Low
Unreviewed
CVE-2023-21512
was published
Jun 28, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-51433
was published
Dec 29, 2023
An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on...
Low
Unreviewed
CVE-2020-1476
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16852
was published
May 24, 2022
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-23428
was published
Dec 29, 2023
Some Honor products are affected by incorrect privilege assignment vulnerability, successful...
Low
Unreviewed
CVE-2023-23430
was published
Dec 29, 2023
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an...
Low
Unreviewed
CVE-2023-6793
was published
Dec 13, 2023
The FACSChorus software does not properly assign data access privileges for operating system user...
Low
Unreviewed
CVE-2023-29066
was published
Nov 28, 2023
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a...
Low
Unreviewed
CVE-2021-31839
was published
May 24, 2022
Byobu user preference to prevent private discussions being started are not respected
Low
CVE-2022-35921
was published
for
fof/byobu
(Composer)
Aug 6, 2022
Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22,...
Low
Unreviewed
CVE-2022-36832
was published
Aug 6, 2022
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges....
Low
Unreviewed
CVE-2019-15790
was published
May 24, 2022
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar...
Low
Unreviewed
CVE-2023-21458
was published
Mar 16, 2023
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the...
Low
Unreviewed
CVE-2004-1349
was published
Apr 29, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored...
Low
Unreviewed
CVE-2019-4218
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API