Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,397 advisories

Loading
In onCreate of multiple files, there is a possible way to trick the user into granting health... High Unreviewed
CVE-2024-31323 was published Jul 9, 2024
In availableToWriteBytes of MessageQueueBase.h, there is a possible out of bounds write due to an... High Unreviewed
CVE-2024-31313 was published Jul 9, 2024
In increment_annotation_count of stats_event.c, there is a possible out of bounds write due to a... Moderate Unreviewed
CVE-2024-31311 was published Jul 9, 2024
In CompanionDeviceManagerService.java, there is a possible way to pair a companion device without... High Unreviewed
CVE-2024-31318 was published Jul 9, 2024
In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due... High Unreviewed
CVE-2024-34725 was published Jul 9, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due... High Unreviewed
CVE-2024-34743 was published Aug 16, 2024
In multiple locations, there is a possible out of bounds write due to a heap buffer overflow.... High Unreviewed
CVE-2024-0049 was published Mar 11, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2024-11721 was published Dec 14, 2024
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network... High Unreviewed
CVE-2023-25185 was published Jun 16, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a... High Unreviewed
CVE-2023-25188 was published Jun 16, 2023
Cross-process screen stack vulnerability in the UIExtension module Impact: Successful... Moderate Unreviewed
CVE-2024-54110 was published Dec 12, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-23253 was published Mar 8, 2024
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-21513 was published Jun 28, 2023
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D... High Unreviewed
CVE-2024-52336 was published Nov 26, 2024
Improper privilege management in Just-in-time (JIT) elevation module in Devolutions Server 2023.3... High Unreviewed
CVE-2024-1764 was published Mar 6, 2024
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2023-34148 was published Jun 27, 2023
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2023-34147 was published Jun 27, 2023
An exposed dangerous function vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2023-34146 was published Jun 27, 2023
Podman affected by CVE-2024-1753 container escape at build time Moderate
CVE-2024-1753 was published for github.com/containers/podman/v4 (Go) Mar 28, 2024
rmcnamara-snyk
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed
CVE-2024-49035 was published Nov 26, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9941 was published Nov 23, 2024
A vulnerability in an access control mechanism of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2021-1477 was published May 24, 2022
Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file... High Unreviewed
CVE-2024-0353 was published Feb 15, 2024
Withdrawn Advisory: Kanister vulnerable to cluster-level privilege escalation Moderate
CVE-2024-43403 was published for github.com/kanisterio/kanister (Go) Aug 20, 2024 withdrawn
younaman hairyhum
Grafana's users with permissions to create a data source can CRUD all data sources High
CVE-2024-1442 was published for github.com/grafana/grafana (Go) Mar 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database