Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,781
Erlang
36
GitHub Actions
29
Go
2,345
Maven
5,000+
npm
3,976
NuGet
719
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+

141 advisories

Loading
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-27795 was published Sep 17, 2024
Podman publishes a malicious image to public registries High
CVE-2022-1227 was published for github.com/containers/podman/v3 (Go) Apr 30, 2022
andrewpollock
Grafana folders admin only permission privilege escalation High
CVE-2022-36062 was published for github.com/grafana/grafana (Go) May 14, 2024
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin... High Unreviewed
CVE-2024-23464 was published Aug 6, 2024
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-40821 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app... High Unreviewed
CVE-2024-40811 was published Jul 30, 2024
This issue was addressed through improved state management. This issue is fixed in watchOS 10.6,... High Unreviewed
CVE-2024-40824 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS... High Unreviewed
CVE-2024-40828 was published Jul 30, 2024
An input validation issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-40800 was published Jul 30, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force... High Unreviewed
CVE-2023-25646 was published Jun 20, 2024
When installing Nessus Agent to a directory outside of the default location on a Windows host,... High Unreviewed
CVE-2024-3291 was published May 17, 2024
When installing Nessus to a directory outside of the default location on a Windows host, Nessus... High Unreviewed
CVE-2024-3289 was published May 17, 2024
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local... High Unreviewed
CVE-2023-1386 was published Jul 24, 2023
A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before... High Unreviewed
CVE-2023-39902 was published Oct 17, 2023
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper... High Unreviewed
CVE-2022-43910 was published Jul 19, 2023
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local... High Unreviewed
CVE-2023-0975 was published Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a... High Unreviewed
CVE-2023-28161 was published Jun 2, 2023
Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. A vulnerability in the web... High Unreviewed
CVE-2023-31923 was published May 22, 2023
OX App Suite through 7.10.2 has Insecure Permissions. High Unreviewed
CVE-2019-14226 was published May 24, 2022
Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege... High Unreviewed
CVE-2021-45008 was published Feb 22, 2022
Disabled permissions can be granted by Jenkins SSH2 Easy Plugin High
CVE-2023-41939 was published for org.jenkins-ci.plugins:ssh2easy (Maven) Sep 6, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write... High Unreviewed
CVE-2023-43612 was published Nov 20, 2023
NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration... High Unreviewed
CVE-2022-31608 was published Nov 19, 2022
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and... High Unreviewed
CVE-2021-45446 was published Nov 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database