GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
60 advisories
Filter by severity
A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected...
High
Unreviewed
CVE-2024-29119
was published
Nov 12, 2024
Incorrect Privilege Assignment vulnerability in Matt Whiteman Bulk Change Role allows Privilege...
High
Unreviewed
CVE-2024-50504
was published
Oct 30, 2024
Incorrect Privilege Assignment vulnerability in Azexo Marketing Automation by AZEXO allows...
High
Unreviewed
CVE-2024-50506
was published
Oct 30, 2024
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows...
High
Unreviewed
CVE-2024-50550
was published
Oct 29, 2024
Incorrect Privilege Assignment vulnerability in Stack Themes Bstone Demo Importer allows...
High
Unreviewed
CVE-2024-50481
was published
Oct 29, 2024
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2...
High
Unreviewed
CVE-2024-47904
was published
Oct 23, 2024
: Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows...
High
Unreviewed
CVE-2024-49608
was published
Oct 20, 2024
Incorrect Privilege Assignment vulnerability in themexpo RS-Members allows Privilege Escalation...
High
Unreviewed
CVE-2024-49219
was published
Oct 17, 2024
The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an...
High
Unreviewed
CVE-2024-9519
was published
Oct 10, 2024
This vulnerability exists in Shilpi Client Dashboard due to lack of authorization for...
High
Unreviewed
CVE-2024-47653
was published
Oct 4, 2024
Incorrect Privilege Assignment vulnerability in favethemes Houzez houzez allows Privilege...
High
Unreviewed
CVE-2024-22303
was published
Sep 17, 2024
Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This...
High
Unreviewed
CVE-2024-21743
was published
Sep 17, 2024
The Post Grid and Gutenberg Blocks plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2024-8253
was published
Sep 11, 2024
IBM MQ Operator 2.0.26 and 3.2.4 could allow an authenticated user in a specifically defined role...
High
Unreviewed
CVE-2024-40681
was published
Sep 7, 2024
Dell Power Manager (DPM), versions 3.15.0 and prior, contains an Incorrect Privilege Assignment...
High
Unreviewed
CVE-2024-39576
was published
Aug 22, 2024
Incorrect privilege assignment vulnerability exists in SKYSEA Client View Ver.6.010.06 to Ver.19...
High
Unreviewed
CVE-2024-41139
was published
Jul 29, 2024
Insecure Permissions vulnerability in Tencent wechat v.8.0.37 allows an attacker to escalate...
High
Unreviewed
CVE-2024-40433
was published
Jul 27, 2024
Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate...
High
Unreviewed
CVE-2024-36534
was published
Jul 24, 2024
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM...
High
Unreviewed
CVE-2024-38278
was published
Jul 9, 2024
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under...
High
Unreviewed
CVE-2024-31912
was published
Jun 28, 2024
Insecure permissions in DNSCrypt-proxy v2.0.0alpha9 to v2.1.5 allows non-privileged attackers to...
High
Unreviewed
CVE-2024-36587
was published
Jun 13, 2024
In the Linux kernel, the following vulnerability has been resolved:
ethtool: strset: fix message...
High
Unreviewed
CVE-2021-47241
was published
May 21, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could...
High
Unreviewed
CVE-2024-20389
was published
May 16, 2024
Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local attacker to escalate...
High
Unreviewed
CVE-2024-31771
was published
May 14, 2024
IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could...
High
Unreviewed
CVE-2024-27273
was published
May 7, 2024
ProTip!
Advisories are also available from the
GraphQL API