Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

491 advisories

Loading
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The... High Unreviewed
CVE-2024-8533 was published Sep 12, 2024
In multiple locations, there is a possible permission bypass due to a confused deputy. This could... High Unreviewed
CVE-2024-40654 was published Sep 11, 2024
ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate attacker to read kernel... High Unreviewed
CVE-2023-45896 was published Aug 28, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo... High Unreviewed
CVE-2024-4763 was published Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and... High Unreviewed
CVE-2024-2175 was published Aug 16, 2024
Improper Preservation of Permissions in xxl-job High
CVE-2024-42681 was published for com.xuxueli:xxl-job-core (Maven) Aug 15, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to... High Unreviewed
CVE-2023-31349 was published Aug 13, 2024
CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed
CVE-2024-42062 was published Aug 7, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory... High Unreviewed
CVE-2024-43114 was published Aug 6, 2024
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on... High Unreviewed
CVE-2024-6974 was published Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with... High Unreviewed
CVE-2024-42053 was published Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and... High Unreviewed
CVE-2024-36541 was published Jul 24, 2024
Kubernetes sets incorrect permissions on Windows containers logs High
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient... High Unreviewed
CVE-2024-32861 was published Jul 16, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,... High Unreviewed
CVE-2024-4679 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
pgAdmin <= 8.8 has an installation Directory permission issue. Because of this issue, attackers... High Unreviewed
CVE-2024-6238 was published Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an... High Unreviewed
CVE-2024-36495 was published Jun 24, 2024
langchain_experimental Code Execution via Python REPL access High
CVE-2024-38459 was published for langchain-experimental (pip) Jun 16, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27155 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27151 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database