Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,018 advisories

Loading
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on... High Unreviewed
CVE-2024-6974 was published Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with... High Unreviewed
CVE-2024-42053 was published Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and... High Unreviewed
CVE-2024-36541 was published Jul 24, 2024
An incorrect permission in the installation directory for the shared NI SystemLink Server... Moderate Unreviewed
CVE-2024-6122 was published Jul 22, 2024
Kubernetes sets incorrect permissions on Windows containers logs High
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Low Unreviewed
CVE-2024-21123 was published Jul 17, 2024
Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2024-21122 was published Jul 17, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www... Moderate Unreviewed
CVE-2024-6325 was published Jul 16, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient... High Unreviewed
CVE-2024-32861 was published Jul 16, 2024
Denial of service vulnerability present shortly after product installation or upgrade,... Moderate Unreviewed
CVE-2024-3779 was published Jul 16, 2024
In multiple locations, there is a possible information leak due to a missing permission check.... Moderate Unreviewed
CVE-2024-31312 was published Jul 9, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops... Moderate Unreviewed
CVE-2024-2819 was published Jul 2, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,... High Unreviewed
CVE-2024-4679 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... Moderate Unreviewed
CVE-2024-35139 was published Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information... Moderate Unreviewed
CVE-2023-38368 was published Jun 27, 2024
pgAdmin <= 8.8 has an installation Directory permission issue. Because of this issue, attackers... High Unreviewed
CVE-2024-6238 was published Jun 25, 2024
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows... Moderate Unreviewed
CVE-2024-22385 was published Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an... High Unreviewed
CVE-2024-36495 was published Jun 24, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
langchain_experimental Code Execution via Python REPL access High
CVE-2024-38459 was published for langchain-experimental (pip) Jun 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database