Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,867
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

7 advisories

silverstripe/framework Privilege Escalation Risk in Member Edit form Moderate
GHSA-xpff-c35g-j3cr was published for silverstripe/framework (Composer) May 27, 2024
Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9. High Unreviewed
CVE-2023-5839 was published Oct 29, 2023
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read... Moderate Unreviewed
CVE-2023-20194 was published Sep 7, 2023
A flaw was found in the Open Cluster Management (OCM) when a user have access to the worker nodes... Moderate Unreviewed
CVE-2023-2250 was published Apr 24, 2023
privilege chaining in cockpit-hq/cockpit High
CVE-2023-0759 was published for cockpit-hq/cockpit (Composer) Feb 9, 2023
It was discovered that a systemd service that uses DynamicUser property can get new privileges... High Unreviewed
CVE-2019-3844 was published May 24, 2022
twill is vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2021-3932 was published for area17/twill (Composer) Nov 15, 2021
ProTip! Advisories are also available from the GraphQL API