GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25 advisories
Filter by severity
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network...
High
Unreviewed
CVE-2024-38813
was published
Sep 17, 2024
Internal browser event interfaces were exposed to web content when privileged EventHandler...
High
Unreviewed
CVE-2024-8382
was published
Sep 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_ct: skip...
Moderate
Unreviewed
CVE-2021-47129
was published
Mar 15, 2024
netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction
New elements in...
Moderate
Unreviewed
CVE-2023-52433
was published
Feb 20, 2024
For migration as well as to work around kernels unaware of L1TF (see
XSA-273), PV guests may be...
High
Unreviewed
CVE-2023-34322
was published
Jan 5, 2024
An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a...
Moderate
Unreviewed
CVE-2023-26239
was published
Oct 5, 2023
Before correction, the copy_file_range system call checked only for the CAP_READ and CAP_WRITE...
High
Unreviewed
CVE-2023-5369
was published
Oct 4, 2023
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during...
High
Unreviewed
CVE-2023-35692
was published
Jul 14, 2023
In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification...
Low
Unreviewed
CVE-2023-21246
was published
Jul 13, 2023
Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker...
Critical
Unreviewed
CVE-2023-34844
was published
Jun 29, 2023
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This...
High
Unreviewed
CVE-2022-0358
was published
Aug 29, 2022
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c...
High
Unreviewed
CVE-2021-36762
was published
May 24, 2022
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.
Critical
Unreviewed
CVE-2020-24361
was published
May 24, 2022
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise...
Moderate
Unreviewed
CVE-2020-14300
was published
May 24, 2022
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053...
Moderate
Unreviewed
CVE-2020-14298
was published
May 24, 2022
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no...
High
Unreviewed
CVE-2019-20044
was published
May 24, 2022
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By...
High
Unreviewed
CVE-2019-18276
was published
May 24, 2022
libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent...
High
Unreviewed
CVE-2015-0278
was published
May 14, 2022
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping...
Critical
Unreviewed
CVE-2017-6972
was published
May 13, 2022
Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead...
High
Unreviewed
CVE-2018-16466
was published
May 13, 2022
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector...
High
Unreviewed
CVE-2018-8599
was published
May 13, 2022
artswrapper in aRts, when running setuid root on Linux 2.6.0 or later versions, does not check...
Moderate
Unreviewed
CVE-2006-2916
was published
May 1, 2022
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation...
Moderate
Unreviewed
CVE-2021-3982
was published
Apr 30, 2022
Bitlbee does not drop extra group privileges correctly in unix.c
Critical
Unreviewed
CVE-2012-1187
was published
Apr 23, 2022
ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to...
Critical
Unreviewed
CVE-2011-2921
was published
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API