Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,176 advisories

Loading
A privilege escalation vulnerability exists in the affected products which could allow a... High Unreviewed
CVE-2024-6435 was published Jul 16, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed
CVE-2024-41685 was published Jul 26, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources High
CVE-2021-25318 was published for github.com/rancher/rancher (Go) Apr 24, 2024
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and... Moderate Unreviewed
CVE-2021-3557 was published Feb 17, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain... High Unreviewed
CVE-2024-43199 was published Aug 7, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could... Low Unreviewed
CVE-2022-33167 was published Jul 30, 2024
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local... High Unreviewed
CVE-2024-6619 was published Aug 13, 2024
CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The... High Unreviewed
CVE-2024-7513 was published Aug 14, 2024
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software... Moderate Unreviewed
CVE-2022-41700 was published Nov 14, 2023
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate... High Unreviewed
CVE-2024-36821 was published Jun 11, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-5915 was published Aug 14, 2024
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed
CVE-2024-5163 was published Jun 17, 2024
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-5930 was published Aug 21, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat... Moderate Unreviewed
CVE-2024-7986 was published Aug 23, 2024
Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD> High
GHSA-34qg-65m4-f23m was published for froxlor/froxlor (Composer) Aug 23, 2024
hardfalcon
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed
CVE-2022-43915 was published Aug 24, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed
CVE-2023-49582 was published Aug 26, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware... High Unreviewed
CVE-2024-41720 was published Aug 5, 2024
HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain... High Unreviewed
CVE-2024-38456 was published Sep 3, 2024
Gitea allowed assignment of private issues Moderate
CVE-2022-38183 was published for code.gitea.io/gitea (Go) Aug 13, 2022
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All... Critical Unreviewed
CVE-2024-41171 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database