Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,159 advisories

Loading
Buildah allows build breakout using malicious Containerfiles and concurrent builds High
CVE-2024-11218 was published for github.com/containers/buildah (Go) Jan 21, 2025
eriksjolund
Zot IdP group membership revocation ignored High
CVE-2025-23208 was published for zotregistry.dev/zot (Go) Jan 17, 2025
jeff-mccoy
Windows Web Threat Defense User Service Information Disclosure Vulnerability High Unreviewed
CVE-2025-21343 was published Jan 14, 2025
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21360 was published Jan 14, 2025
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21287 was published Jan 14, 2025
An improper privilege management vulnerability in the web management interface of the Zyxel... High Unreviewed
CVE-2024-12398 was published Jan 14, 2025
A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for... High Unreviewed
CVE-2024-11128 was published Jan 14, 2025
A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low... High Unreviewed
CVE-2024-53706 was published Jan 9, 2025
Vulnerability of improper permission control in the window management module Impact: Successful... High Unreviewed
CVE-2024-56447 was published Jan 8, 2025
A security agent link following vulnerability in Trend Micro Apex One could allow a local... High Unreviewed
CVE-2024-55632 was published Dec 31, 2024
An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to... High Unreviewed
CVE-2024-55631 was published Dec 31, 2024
There is an improper privilege management vulnerability in Huawei smart phone product. A local,... High Unreviewed
CVE-2020-9080 was published Dec 27, 2024
There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to... High Unreviewed
CVE-2020-9222 was published Dec 27, 2024
An execution with unnecessary privileges vulnerability in the VCM engine of FortiClient for Linux... High Unreviewed
CVE-2020-15934 was published Dec 19, 2024
CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed
CVE-2024-38499 was published Dec 17, 2024
MinIO vulnerable to privilege escalation in IAM import API High
CVE-2024-55949 was published for github.com/minio/minio (Go) Dec 16, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to privilege escalation in... High Unreviewed
CVE-2024-11721 was published Dec 14, 2024
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated... High Unreviewed
CVE-2024-49035 was published Nov 26, 2024
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D... High Unreviewed
CVE-2024-52336 was published Nov 26, 2024
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9941 was published Nov 23, 2024
Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent. High Unreviewed
CVE-2024-52926 was published Nov 18, 2024
The WordPress Video Robot - The Ultimate Video Importer plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9192 was published Nov 16, 2024
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by... High Unreviewed
CVE-2024-9500 was published Nov 16, 2024
Unauthorized access vulnerability in the mobile application (com.transsion.phoenix) can lead to... High Unreviewed
CVE-2024-11206 was published Nov 14, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an... High Unreviewed
CVE-2024-49558 was published Nov 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database