GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,741

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

451 advisories

Filter by severity

Sort by

Least recently updated

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Moderate Unreviewed

CVE-2024-21305 was published Jan 9, 2024

There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular... Moderate Unreviewed

CVE-2023-41776 was published Jan 3, 2024

A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing... Moderate Unreviewed

CVE-2023-7055 was published Dec 22, 2023

There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak... Moderate Unreviewed

CVE-2023-25648 was published Dec 14, 2023

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS... Moderate Unreviewed

CVE-2023-42924 was published Dec 12, 2023

The FACSChorus software database can be accessed directly with the privileges of the currently... Moderate Unreviewed

CVE-2023-29065 was published Nov 28, 2023

The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks,... Moderate Unreviewed

CVE-2023-5651 was published Nov 20, 2023

xxl-job-admin vulnerable to Insecure Permissions Moderate

CVE-2023-48087 was published for com.xuxueli:xxl-job-admin (Maven) Nov 15, 2023

Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2... Moderate Unreviewed

CVE-2023-34314 was published Nov 14, 2023

Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16... Moderate Unreviewed

CVE-2023-39230 was published Nov 14, 2023

Insecure inherited permissions in the installer for some Intel Server Configuration Utility... Moderate Unreviewed

CVE-2023-34997 was published Nov 14, 2023

Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software... Moderate Unreviewed

CVE-2022-41700 was published Nov 14, 2023

Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before... Moderate Unreviewed

CVE-2022-33898 was published Nov 14, 2023

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2... Moderate Unreviewed

CVE-2023-36633 was published Nov 14, 2023

An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security... Moderate Unreviewed

CVE-2023-47801 was published Nov 13, 2023

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed

CVE-2023-5136 was published Nov 8, 2023

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine... Moderate Unreviewed

CVE-2023-3282 was published Nov 8, 2023

A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed

CVE-2023-42861 was published Oct 25, 2023

An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of... Moderate Unreviewed

CVE-2023-44201 was published Oct 13, 2023

A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The... Moderate Unreviewed

CVE-2023-38640 was published Oct 10, 2023

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed

CVE-2023-45369 was published Oct 9, 2023

An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1... Moderate Unreviewed

CVE-2023-45364 was published Oct 9, 2023

Broadcast permission control vulnerability in the framework module. Successful exploitation of... Moderate Unreviewed

CVE-2023-4565 was published Sep 27, 2023

Vulnerability of improper permission management in the displayengine module. Successful... Moderate Unreviewed

CVE-2023-41295 was published Sep 25, 2023

A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed

CVE-2023-32005 was published Sep 20, 2023

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

451 advisories