Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

500 advisories

Loading
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect... Moderate Unreviewed
CVE-2024-41970 was published Nov 18, 2024
Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow... Moderate Unreviewed
CVE-2024-36276 was published Nov 13, 2024
Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow... Moderate Unreviewed
CVE-2024-36294 was published Nov 13, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could... Moderate Unreviewed
CVE-2024-6360 was published Oct 2, 2024
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed
CVE-2023-49582 was published Aug 26, 2024
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed
CVE-2022-43915 was published Aug 24, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat... Moderate Unreviewed
CVE-2024-7986 was published Aug 23, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-5915 was published Aug 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before... Moderate Unreviewed
CVE-2024-25561 was published Aug 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before... Moderate Unreviewed
CVE-2024-23908 was published Aug 14, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-27883 was published Jul 30, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed
CVE-2024-41685 was published Jul 26, 2024
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag... Moderate Unreviewed
CVE-2024-6739 was published Jul 15, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2024-20456 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network... Moderate Unreviewed
CVE-2024-37087 was published Jun 25, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow... Moderate Unreviewed
CVE-2024-21835 was published May 16, 2024
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... Moderate Unreviewed
CVE-2023-5937 was published May 15, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products Moderate Unreviewed
CVE-2024-27108 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed
CVE-2024-30208 was published May 14, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security... Moderate Unreviewed
CVE-2024-24912 was published May 1, 2024
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities Moderate
CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
AndrewGMorgan
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and... Moderate Unreviewed
CVE-2024-29964 was published Apr 19, 2024
Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle... Moderate Unreviewed
CVE-2024-21063 was published Apr 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database