GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,518

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

354 advisories

Filter by severity

Sort by

Least recently updated

Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft ... Moderate Unreviewed

CVE-2024-21122 was published Jul 17, 2024

Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated... Moderate Unreviewed

CVE-2024-48293 was published Nov 18, 2024

A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS).... Moderate Unreviewed

CVE-2024-51764 was published Nov 16, 2024

A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS).... Moderate Unreviewed

CVE-2024-51765 was published Nov 16, 2024

Permission verification vulnerability in the lock screen module. Impact: Successful exploitation... Moderate Unreviewed

CVE-2023-52717 was published Apr 7, 2024

In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak... Moderate Unreviewed

CVE-2024-43086 was published Nov 13, 2024

Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may... Moderate Unreviewed

CVE-2024-35201 was published Nov 13, 2024

Incorrect default permissions in some Intel(R) Distribution for Python software before version... Moderate Unreviewed

CVE-2024-29083 was published Nov 13, 2024

Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows... Moderate Unreviewed

CVE-2024-25647 was published Nov 13, 2024

Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to... Moderate Unreviewed

CVE-2024-34679 was published Nov 6, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed

CVE-2024-46894 was published Nov 12, 2024

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to... Moderate Unreviewed

CVE-2024-47593 was published Nov 12, 2024

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged... Moderate Unreviewed

CVE-2023-23344 was published Jun 23, 2023

VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users. Moderate Unreviewed

CVE-2024-10469 was published Oct 28, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed

CVE-2024-20921 was published Feb 17, 2024

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a... Moderate Unreviewed

CVE-2024-26302 was published Feb 28, 2024

Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource... Moderate Unreviewed

CVE-2024-34223 was published May 14, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2024-23201 was published Mar 8, 2024

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to... Moderate Unreviewed

CVE-2024-46544 was published Sep 23, 2024

In multiple locations, there is a possible information leak due to a missing permission check.... Moderate Unreviewed

CVE-2024-31312 was published Jul 9, 2024

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function... Moderate Unreviewed

CVE-2018-14335 was published May 13, 2022

Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis... Moderate Unreviewed

CVE-2023-38335 was published Jul 20, 2023

Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for... Moderate Unreviewed

CVE-2023-38334 was published Jul 20, 2023

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS... Moderate Unreviewed

CVE-2023-49721 was published Feb 15, 2024

A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to... Moderate Unreviewed

CVE-2024-10183 was published Oct 22, 2024

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

354 advisories