Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

60 advisories

Loading
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated... Moderate Unreviewed
CVE-2024-9333 was published Oct 2, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44188 was published Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-40831 was published Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-40859 was published Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-27858 was published Sep 17, 2024
A non-admin user can change or remove important features within the Zabbix Agent application,... Moderate Unreviewed
CVE-2024-22121 was published Aug 12, 2024
User with no permission to any of the Hosts can access and view host count & other statistics... Moderate Unreviewed
CVE-2024-22114 was published Aug 12, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when... Moderate Unreviewed
CVE-2024-23560 was published Apr 15, 2024
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop... Moderate Unreviewed
CVE-2024-3545 was published Apr 9, 2024
Anope before 2.0.15 does not prevent resetting the password of a suspended account. Moderate Unreviewed
CVE-2024-30187 was published Mar 25, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2024-21816 was published Mar 4, 2024
An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL... Moderate Unreviewed
CVE-2023-49932 was published Feb 29, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
Improperly calculated effective permissions in M-Files Server versions 23.9 and 23.10 and 23.11... Moderate Unreviewed
CVE-2023-6239 was published Nov 28, 2023
Netskope was made aware of a security vulnerability in its NSClient product for version 100 &... Moderate Unreviewed
CVE-2023-4996 was published Nov 6, 2023
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory.... Moderate Unreviewed
CVE-2022-47637 was published Sep 13, 2023
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time... Moderate Unreviewed
CVE-2023-21249 was published Jul 13, 2023
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables... Moderate Unreviewed
CVE-2023-2818 was published Jun 27, 2023
A valid, authenticated user with limited privileges may be able to use specifically crafted web... Moderate Unreviewed
CVE-2023-2993 was published Jun 26, 2023
The SystemUI has a vulnerability in permission management. Successful exploitation of this... Moderate Unreviewed
CVE-2022-48296 was published Feb 9, 2023
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to... Moderate Unreviewed
CVE-2022-4326 was published Dec 21, 2022
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not... Moderate Unreviewed
CVE-2022-47547 was published Dec 19, 2022
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access... Moderate Unreviewed
CVE-2022-41708 was published Oct 20, 2022
Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of... Moderate Unreviewed
CVE-2022-2787 was published Aug 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database