GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
51 advisories
Filter by severity
Improper Handling of Insufficient Permissions or Privileges in MySQL Connectors Java
Moderate
CVE-2022-21363
was published
for
mysql:mysql-connector-java
(Maven)
Jan 20, 2022
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where...
Moderate
Unreviewed
CVE-2022-21814
was published
Feb 8, 2022
Improper privilege handling in Apache Accumulo
High
CVE-2020-17533
was published
for
org.apache.accumulo:accumulo-master
(Maven)
Feb 9, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to...
High
Unreviewed
CVE-2019-6570
was published
May 13, 2022
Missing permissions check in Jenkins Core
Moderate
CVE-2016-3725
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows...
Moderate
Unreviewed
CVE-2020-8219
was published
May 24, 2022
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022...
Low
Unreviewed
CVE-2022-39886
was published
Nov 10, 2022
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to...
Low
Unreviewed
CVE-2022-39885
was published
Nov 10, 2022
Missing permissions check in Liferay Portal
Moderate
CVE-2022-42126
was published
for
com.liferay.portal:release.portal.bom
(Maven)
Nov 15, 2022
Duplicate Advisory: Apiman has insufficient checks for read permissions
High
GHSA-54r5-wr8x-x5v3
was published
for
io.apiman:apiman-manager-api-rest-impl
(Maven)
Dec 20, 2022
•
withdrawn
usememos/memos vulnerable to Improper Handling of Insufficient Permissions or Privileges
Moderate
CVE-2022-4863
was published
for
github.com/usememos/memos
(Go)
Dec 30, 2022
`cilium-cli` disables etcd authorization for clustermesh clusters
Moderate
CVE-2023-28114
was published
for
github.com/cilium/cilium-cli
(Go)
Mar 21, 2023
Apiman vulnerable to permissions bypass due to missing check on API key URL
Moderate
CVE-2023-28640
was published
for
io.apiman:apiman-manager-api-rest-impl
(Maven)
Mar 27, 2023
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer...
High
Unreviewed
CVE-2023-0181
was published
Apr 1, 2023
Insufficient permission checks in the REST API in Tribe29 Checkmk <= 2.1.0p27 and <= 2.2.0b4 ...
Moderate
Unreviewed
CVE-2023-2020
was published
Apr 18, 2023
Missing access permissions checks in M-Files Client before 23.5.12598.0 allows elevation of...
High
Unreviewed
CVE-2023-2480
was published
May 25, 2023
Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker...
Moderate
Unreviewed
CVE-2023-32489
was published
Aug 16, 2023
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient...
Moderate
Unreviewed
CVE-2023-43087
was published
Nov 2, 2023
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an...
High
Unreviewed
CVE-2023-43591
was published
Nov 15, 2023
Missing access permissions checks
in the M-Files server before 23.11.13156.0 allow attackers...
Moderate
Unreviewed
CVE-2023-6189
was published
Nov 22, 2023
Quarkus Improper Handling of Insufficient Permissions or Privileges and Improper Handling of Exceptional Conditions vulnerability
High
CVE-2023-6267
was published
for
io.quarkus.resteasy.reactive:resteasy-reactive
(Maven)
Jan 25, 2024
Dell Power Manager, versions prior to 3.14, contain an Improper Authorization vulnerability in...
High
Unreviewed
CVE-2023-25543
was published
Feb 6, 2024
Pixelfed doesn't check OAuth Scopes in API routes, giving elevated permissions
Critical
CVE-2024-25108
was published
for
pixelfed/pixelfed
(Composer)
Feb 12, 2024
In OPPO Usercenter Credit SDK, there's a possible escalation of privilege due to loose permission...
Critical
Unreviewed
CVE-2024-1608
was published
Feb 20, 2024
A vulnerability was found in 3Scale, when used with Keycloak 15 (or RHSSO 7.5.0) and superiors....
Moderate
Unreviewed
CVE-2024-0560
was published
Feb 28, 2024
ProTip!
Advisories are also available from the
GraphQL API