GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
26 advisories
Filter by severity
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could...
Critical
Unreviewed
CVE-2024-8785
was published
Dec 2, 2024
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing...
Critical
Unreviewed
CVE-2024-11068
was published
Nov 11, 2024
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions
High
CVE-2024-46978
was published
for
org.xwiki.platform:xwiki-platform-notifications-ui
(Maven)
Sep 18, 2024
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an...
Critical
Unreviewed
CVE-2024-37018
was published
May 31, 2024
Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as...
High
Unreviewed
CVE-2023-6522
was published
Apr 5, 2024
Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App...
High
Unreviewed
CVE-2023-4993
was published
Feb 15, 2024
A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used...
High
Unreviewed
CVE-2024-22042
was published
Feb 13, 2024
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows...
High
Unreviewed
CVE-2023-6150
was published
Nov 28, 2023
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows...
High
Unreviewed
CVE-2023-6151
was published
Nov 28, 2023
Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as...
High
Unreviewed
CVE-2023-4972
was published
Sep 14, 2023
In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an...
High
Unreviewed
CVE-2023-4009
was published
Aug 8, 2023
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote...
Moderate
Unreviewed
CVE-2023-20136
was published
Jun 28, 2023
org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors
Critical
CVE-2023-29507
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Apr 12, 2023
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A...
High
Unreviewed
CVE-2023-28062
was published
Apr 11, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine could...
Moderate
Unreviewed
CVE-2022-20965
was published
Jan 20, 2023
usememos/memos Incorrect Use of Privileged APIs vulnerability
Moderate
CVE-2022-4805
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos makes Incorrect Use of Privileged APIs
High
CVE-2022-4796
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos makes Incorrect Use of Privileged APIs
High
CVE-2022-4687
was published
for
github.com/usememos/memos
(Go)
Dec 23, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
High
Unreviewed
CVE-2022-20956
was published
Nov 4, 2022
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
Critical
Unreviewed
CVE-2022-2023
was published
Jun 21, 2022
Specially crafted API calls may allow an authenticated user who holds Organization Owner...
Moderate
Unreviewed
CVE-2020-7927
was published
May 24, 2022
It was found that the .buildfont1 procedure did not properly secure its privileged calls,...
High
Unreviewed
CVE-2019-10216
was published
May 24, 2022
A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure...
High
Unreviewed
CVE-2019-14811
was published
May 24, 2022
A flaw was found in, ghostscript versions prior to 9.28, in the .pdfexectoken and other...
High
Unreviewed
CVE-2019-14817
was published
May 24, 2022
It was found that in ghostscript some privileged operators remained accessible from various...
High
Unreviewed
CVE-2019-3839
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API