GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,002
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
850
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
354 advisories
Filter by severity
Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft ...
Moderate
Unreviewed
CVE-2024-21122
was published
Jul 17, 2024
Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated...
Moderate
Unreviewed
CVE-2024-48293
was published
Nov 18, 2024
A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS)....
Moderate
Unreviewed
CVE-2024-51764
was published
Nov 16, 2024
A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS)....
Moderate
Unreviewed
CVE-2024-51765
was published
Nov 16, 2024
Permission verification vulnerability in the lock screen module.
Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2023-52717
was published
Apr 7, 2024
In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak...
Moderate
Unreviewed
CVE-2024-43086
was published
Nov 13, 2024
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may...
Moderate
Unreviewed
CVE-2024-35201
was published
Nov 13, 2024
Incorrect default permissions in some Intel(R) Distribution for Python software before version...
Moderate
Unreviewed
CVE-2024-29083
was published
Nov 13, 2024
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows...
Moderate
Unreviewed
CVE-2024-25647
was published
Nov 13, 2024
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to...
Moderate
Unreviewed
CVE-2024-34679
was published
Nov 6, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46894
was published
Nov 12, 2024
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to...
Moderate
Unreviewed
CVE-2024-47593
was published
Nov 12, 2024
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged...
Moderate
Unreviewed
CVE-2023-23344
was published
Jun 23, 2023
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
Moderate
Unreviewed
CVE-2024-10469
was published
Oct 28, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Moderate
Unreviewed
CVE-2024-20921
was published
Feb 17, 2024
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a...
Moderate
Unreviewed
CVE-2024-26302
was published
Feb 28, 2024
Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource...
Moderate
Unreviewed
CVE-2024-34223
was published
May 14, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-23201
was published
Mar 8, 2024
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to...
Moderate
Unreviewed
CVE-2024-46544
was published
Sep 23, 2024
In multiple locations, there is a possible information leak due to a missing permission check....
Moderate
Unreviewed
CVE-2024-31312
was published
Jul 9, 2024
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function...
Moderate
Unreviewed
CVE-2018-14335
was published
May 13, 2022
Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis...
Moderate
Unreviewed
CVE-2023-38335
was published
Jul 20, 2023
Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for...
Moderate
Unreviewed
CVE-2023-38334
was published
Jul 20, 2023
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS...
Moderate
Unreviewed
CVE-2023-49721
was published
Feb 15, 2024
A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to...
Moderate
Unreviewed
CVE-2024-10183
was published
Oct 22, 2024
ProTip!
Advisories are also available from the
GraphQL API