GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
112 advisories
Filter by severity
Applications on the tested version of Dominion Voting Systems ImageCast X can execute code with...
High
Unreviewed
CVE-2022-1744
was published
Jun 25, 2022
An attacker may be able to execute malicious actions due to the lack of device access protections...
Critical
Unreviewed
CVE-2022-2634
was published
Aug 11, 2022
The software performs an operation at a privilege level higher than the minimum level required,...
High
Unreviewed
CVE-2021-27454
was published
May 24, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to Local privilege Escalation....
High
Unreviewed
CVE-2021-34591
was published
Apr 28, 2022
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM...
High
Unreviewed
CVE-2021-37174
was published
May 24, 2022
A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4)....
High
Unreviewed
CVE-2020-10056
was published
May 24, 2022
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12,...
High
Unreviewed
CVE-2022-3088
was published
Nov 29, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers
Moderate
CVE-2020-2023
was published
for
github.com/kata-containers/agent
(Go)
Feb 15, 2022
Authentication Bypass in keycloak
High
CVE-2020-27826
was published
for
org.keycloak:keycloak-core
(Maven)
Mar 18, 2022
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch...
Moderate
Unreviewed
CVE-2018-10872
was published
May 13, 2022
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does...
Moderate
Unreviewed
CVE-2018-10892
was published
May 13, 2022
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges....
Low
Unreviewed
CVE-2019-15790
was published
May 24, 2022
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be...
High
Unreviewed
CVE-2023-0664
was published
Mar 29, 2023
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2021-1528
was published
May 24, 2022
kOps privilege escalation vulnerability
High
CVE-2023-1943
was published
for
k8s.io/kops
(Go)
Oct 12, 2023
Wings vulnerable to escape to host from installation container
Critical
CVE-2023-32080
was published
for
github.com/pterodactyl/wings
(Go)
May 11, 2023
This privilege escalation vulnerability, if exploited, cloud allow a local OS-authenticated user...
High
Unreviewed
CVE-2023-33873
was published
Nov 15, 2023
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that...
Moderate
Unreviewed
CVE-2023-43018
was published
Nov 3, 2023
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code...
Critical
Unreviewed
CVE-2023-4662
was published
Sep 15, 2023
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster
Moderate
CVE-2023-30617
was published
for
github.com/openkruise/kruise
(Go)
Jan 5, 2024
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate...
Moderate
Unreviewed
CVE-2023-20210
was published
Jul 12, 2023
A vulnerability was found in the HCI sockets implementation due to a missing capability check in...
Moderate
Unreviewed
CVE-2023-2002
was published
May 26, 2023
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation...
Moderate
Unreviewed
CVE-2023-20217
was published
Aug 17, 2023
A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser ...
Moderate
Unreviewed
CVE-2023-45592
was published
Mar 5, 2024
A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS XE Software could...
High
Unreviewed
CVE-2022-20676
was published
Apr 16, 2022
ProTip!
Advisories are also available from the
GraphQL API