Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

572 advisories

Loading
Local Privilege Escalation in Windows High
CVE-2023-49797 was published for pyinstaller (pip) Dec 9, 2023
An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions... High Unreviewed
CVE-2023-50446 was published Dec 10, 2023
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,... High Unreviewed
CVE-2023-49580 was published Dec 12, 2023
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows... High Unreviewed
CVE-2023-46142 was published Dec 14, 2023
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected... High Unreviewed
CVE-2023-44120 was published Jan 9, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate... High Unreviewed
CVE-2023-49257 was published Jan 12, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write... High Unreviewed
CVE-2024-22016 was published Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation... High Unreviewed
CVE-2020-24681 was published Feb 2, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... High Unreviewed
CVE-2023-47564 was published Feb 2, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21431 was published Mar 12, 2024
WiX based installers are vulnerable to binary hijack when run as SYSTEM High
CVE-2024-29187 was published for WixToolset.Sdk (NuGet) Mar 25, 2024
KNaceri rohitmothe
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an... High Unreviewed
CVE-2024-25646 was published Apr 9, 2024
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security... High Unreviewed
CVE-2024-24910 was published Apr 18, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources High
CVE-2021-25318 was published for github.com/rancher/rancher (Go) Apr 24, 2024
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-40516 was published May 3, 2024
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2023-51579 was published May 3, 2024
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated... High Unreviewed
CVE-2023-47712 was published May 14, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices High Unreviewed
CVE-2024-1486 was published May 14, 2024
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering... High Unreviewed
CVE-2023-5936 was published May 15, 2024
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-30369 was published Jun 6, 2024
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2024-3668 was published Jun 8, 2024
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate... High Unreviewed
CVE-2024-36821 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database