Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,089
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary... Moderate Unreviewed
CVE-2024-32853 was published Jul 2, 2024
The Toshiba printers do not implement privileges separation. As for the affected products/models... Moderate Unreviewed
CVE-2024-27146 was published Jun 14, 2024
Submariner Operator sets unnecessary RBAC permissions in helm charts Moderate
CVE-2024-5042 was published for github.com/submariner-io/submariner-operator (Go) May 17, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary... Moderate Unreviewed
CVE-2024-25967 was published May 14, 2024
A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser ... Moderate Unreviewed
CVE-2023-45592 was published Mar 5, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster Moderate
CVE-2023-30617 was published for github.com/openkruise/kruise (Go) Jan 5, 2024
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that... Moderate Unreviewed
CVE-2023-43018 was published Nov 3, 2023
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a... Moderate Unreviewed
CVE-2023-27312 was published Oct 12, 2023
One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access... Moderate Unreviewed
CVE-2023-4003 was published Sep 27, 2023
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation... Moderate Unreviewed
CVE-2023-20217 was published Aug 17, 2023
A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate... Moderate Unreviewed
CVE-2023-20210 was published Jul 12, 2023
A vulnerability was found in the HCI sockets implementation due to a missing capability check in... Moderate Unreviewed
CVE-2023-2002 was published May 26, 2023
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch... Moderate Unreviewed
CVE-2018-10872 was published May 13, 2022
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does... Moderate Unreviewed
CVE-2018-10892 was published May 13, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers Moderate
CVE-2020-2023 was published for github.com/kata-containers/agent (Go) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API