Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

247 advisories

Loading
Netskope was made aware of a security vulnerability in its NSClient product for version 100 &... Moderate Unreviewed
CVE-2023-4996 was published Nov 6, 2023
SaToken privilege escalation vulnerability Critical
CVE-2023-44794 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
OpenSearch Issue with tenant read-only permissions Moderate
CVE-2023-45807 was published for org.opensearch.plugin:opensearch-security (Maven) Oct 17, 2023
A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before... High Unreviewed
CVE-2023-39902 was published Oct 17, 2023
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows... Low Unreviewed
CVE-2023-30735 was published Oct 4, 2023
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory.... Moderate Unreviewed
CVE-2022-47637 was published Sep 13, 2023
Apache Superset has improper default REST API permission for Gamma users Moderate
CVE-2023-36387 was published for apache-superset (pip) Sep 6, 2023
Disabled permissions can be granted by Jenkins SSH2 Easy Plugin High
CVE-2023-41939 was published for org.jenkins-ci.plugins:ssh2easy (Maven) Sep 6, 2023
System files could be overwritten using the less command in Brocade Fabric OS before Brocade... High Unreviewed
CVE-2023-31926 was published Aug 2, 2023
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local... High Unreviewed
CVE-2023-1386 was published Jul 24, 2023
Access Control Bypass in Spring Security Critical
CVE-2023-34034 was published for org.springframework.security:spring-security-config (Maven) Jul 19, 2023
bbossola furti
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper... High Unreviewed
CVE-2022-43910 was published Jul 19, 2023
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time... Moderate Unreviewed
CVE-2023-21249 was published Jul 13, 2023
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local... High Unreviewed
CVE-2023-0975 was published Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables... Moderate Unreviewed
CVE-2023-2818 was published Jun 27, 2023
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could... Moderate Unreviewed
CVE-2023-32552 was published Jun 27, 2023
A valid, authenticated user with limited privileges may be able to use specifically crafted web... Moderate Unreviewed
CVE-2023-2993 was published Jun 26, 2023
Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM... High Unreviewed
CVE-2023-34672 was published Jun 23, 2023
This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5,... Moderate Unreviewed
CVE-2023-32400 was published Jun 23, 2023
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura... Moderate Unreviewed
CVE-2023-32355 was published Jun 23, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2023-32388 was published Jun 23, 2023
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a... High Unreviewed
CVE-2023-28161 was published Jun 2, 2023
Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. A vulnerability in the web... High Unreviewed
CVE-2023-31923 was published May 22, 2023
Remote code execution in Voyager Critical
CVE-2020-36070 was published for tcg/voyager (Composer) Apr 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database