Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

59 advisories

Loading
Incorrect Privilege Assignment vulnerability in Matt Whiteman Bulk Change Role allows Privilege... High Unreviewed
CVE-2024-50504 was published Oct 30, 2024
Incorrect Privilege Assignment vulnerability in Azexo Marketing Automation by AZEXO allows... High Unreviewed
CVE-2024-50506 was published Oct 30, 2024
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows... High Unreviewed
CVE-2024-50550 was published Oct 29, 2024
Incorrect Privilege Assignment vulnerability in Stack Themes Bstone Demo Importer allows... High Unreviewed
CVE-2024-50481 was published Oct 29, 2024
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2... High Unreviewed
CVE-2024-47904 was published Oct 23, 2024
: Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows... High Unreviewed
CVE-2024-49608 was published Oct 20, 2024
Incorrect Privilege Assignment vulnerability in themexpo RS-Members allows Privilege Escalation... High Unreviewed
CVE-2024-49219 was published Oct 17, 2024
This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for... High Unreviewed
CVE-2024-47653 was published Oct 4, 2024
Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to... High Unreviewed
CVE-2023-30691 was published Aug 10, 2023
Improper privilege management vulnerability in MMIGroup prior to SMR Aug-2023 Release 1 allows... High Unreviewed
CVE-2023-30680 was published Aug 10, 2023
The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an... High Unreviewed
CVE-2024-9519 was published Oct 10, 2024
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into... High Unreviewed
CVE-2023-21269 was published Aug 14, 2023
IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to... High Unreviewed
CVE-2023-28956 was published Jun 22, 2023
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom... High Unreviewed
CVE-2023-49647 was published Jan 13, 2024
Incorrect Privilege Assignment vulnerability in favethemes Houzez houzez allows Privilege... High Unreviewed
CVE-2024-22303 was published Sep 17, 2024
Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This... High Unreviewed
CVE-2024-21743 was published Sep 17, 2024
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2024-8253 was published Sep 11, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow an authenticated user in a specifically defined role... High Unreviewed
CVE-2024-40681 was published Sep 7, 2024
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate... High Unreviewed
CVE-2024-36534 was published Jul 24, 2024
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate... High Unreviewed
CVE-2024-31771 was published May 14, 2024
Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment... High Unreviewed
CVE-2024-39576 was published Aug 22, 2024
In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL... High Unreviewed
CVE-2023-40109 was published Feb 16, 2024
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with... High Unreviewed
CVE-2023-50437 was published Feb 29, 2024
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM... High Unreviewed
CVE-2024-38278 was published Jul 9, 2024
Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate... High Unreviewed
CVE-2024-40433 was published Jul 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database