Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

24 advisories

Loading
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions Moderate
CVE-2024-46978 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Sep 18, 2024
floerer
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an... Critical Unreviewed
CVE-2024-37018 was published May 31, 2024
Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as... High Unreviewed
CVE-2023-6522 was published Apr 5, 2024
Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed
CVE-2023-4993 was published Feb 15, 2024
A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used... High Unreviewed
CVE-2024-22042 was published Feb 13, 2024
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows... High Unreviewed
CVE-2023-6151 was published Nov 28, 2023
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows... High Unreviewed
CVE-2023-6150 was published Nov 28, 2023
Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as... High Unreviewed
CVE-2023-4972 was published Sep 14, 2023
In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an... High Unreviewed
CVE-2023-4009 was published Aug 8, 2023
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20136 was published Jun 28, 2023
org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors Critical
CVE-2023-29507 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 12, 2023
tmortagne
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A... High Unreviewed
CVE-2023-28062 was published Apr 11, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine could... Moderate Unreviewed
CVE-2022-20965 was published Jan 20, 2023
usememos/memos Incorrect Use of Privileged APIs vulnerability Moderate
CVE-2022-4805 was published for github.com/usememos/memos (Go) Dec 28, 2022
usememos/memos makes Incorrect Use of Privileged APIs High
CVE-2022-4796 was published for github.com/usememos/memos (Go) Dec 28, 2022
usememos/memos makes Incorrect Use of Privileged APIs High
CVE-2022-4687 was published for github.com/usememos/memos (Go) Dec 23, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... High Unreviewed
CVE-2022-20956 was published Nov 4, 2022
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. Critical Unreviewed
CVE-2022-2023 was published Jun 21, 2022
Specially crafted API calls may allow an authenticated user who holds Organization Owner... Moderate Unreviewed
CVE-2020-7927 was published May 24, 2022
It was found that the .buildfont1 procedure did not properly secure its privileged calls,... High Unreviewed
CVE-2019-10216 was published May 24, 2022
A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure... High Unreviewed
CVE-2019-14811 was published May 24, 2022
A flaw was found in, ghostscript versions prior to 9.28, in the .pdfexectoken and other... High Unreviewed
CVE-2019-14817 was published May 24, 2022
It was found that in ghostscript some privileged operators remained accessible from various... High Unreviewed
CVE-2019-3839 was published May 24, 2022
Incorrect Use of Privileged APIs in org.xwiki.platform.skin.skinx Moderate
CVE-2022-24821 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Apr 8, 2022
ProTip! Advisories are also available from the GraphQL API