Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
765
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

144 advisories

Loading
Grafana folders admin only permission privilege escalation High
CVE-2022-36062 was published for github.com/grafana/grafana (Go) May 14, 2024
Missing permission checks on Hazelcast client protocol High
CVE-2023-45859 was published for com.hazelcast:hazelcast (Maven) Feb 27, 2024
jorditpuig
Credited to jorditpuig
Vulnerability of permission verification in the content sharing pop-up module.Successful... High Unreviewed
CVE-2023-52373 was published Feb 18, 2024
Insufficient macro permission validation of The Document Foundation LibreOffice allows an... High Unreviewed
CVE-2023-6186 was published Dec 11, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write... High Unreviewed
CVE-2023-43612 was published Nov 20, 2023
A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before... High Unreviewed
CVE-2023-39902 was published Oct 17, 2023
Disabled permissions can be granted by Jenkins SSH2 Easy Plugin High
CVE-2023-41939 was published for org.jenkins-ci.plugins:ssh2easy (Maven) Sep 6, 2023
System files could be overwritten using the less command in Brocade Fabric OS before Brocade... High Unreviewed
CVE-2023-31926 was published Aug 2, 2023
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local... High Unreviewed
CVE-2023-1386 was published Jul 24, 2023
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper... High Unreviewed
CVE-2022-43910 was published Jul 19, 2023
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local... High Unreviewed
CVE-2023-0975 was published Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM... High Unreviewed
CVE-2023-34672 was published Jun 23, 2023
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a... High Unreviewed
CVE-2023-28161 was published Jun 2, 2023
Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. A vulnerability in the web... High Unreviewed
CVE-2023-31923 was published May 22, 2023
vantage6 vulnerable to Improper Preservation of Permissions High
CVE-2023-22738 was published for vantage6 (pip) Feb 28, 2023
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this... High Unreviewed
CVE-2022-48295 was published Feb 9, 2023
The bundle management module lacks permission verification in some APIs. Successful exploitation... High Unreviewed
CVE-2022-48301 was published Feb 9, 2023
An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web... High Unreviewed
CVE-2020-18329 was published Jan 26, 2023
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions ... High Unreviewed
CVE-2022-38473 was published Dec 22, 2022
AList vulnerable to Improper Preservation of Permissions High
CVE-2022-45968 was published for github.com/alist-org/alist/v3 (Go) Dec 12, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration... High Unreviewed
CVE-2022-31608 was published Nov 19, 2022
Improper access control in the Intel(R) NUC HDMI Firmware Update Tool for NUC7i3DN, NUC7i5DN and... High Unreviewed
CVE-2022-26024 was published Nov 11, 2022
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and... High Unreviewed
CVE-2021-45446 was published Nov 2, 2022
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate... High Unreviewed
CVE-2020-12744 was published Oct 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database