Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

429 advisories

Loading
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed
CVE-2023-49582 was published Aug 26, 2024
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed
CVE-2022-43915 was published Aug 24, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat... Moderate Unreviewed
CVE-2024-7986 was published Aug 23, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-5915 was published Aug 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before... Moderate Unreviewed
CVE-2024-25561 was published Aug 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before... Moderate Unreviewed
CVE-2024-23908 was published Aug 14, 2024
Kubean vulnerable to cluster-level privilege escalation Moderate
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed
CVE-2024-41685 was published Jul 26, 2024
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2024-20456 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow... Moderate Unreviewed
CVE-2024-21835 was published May 16, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products Moderate Unreviewed
CVE-2024-27108 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed
CVE-2024-30208 was published May 14, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security... Moderate Unreviewed
CVE-2024-24912 was published May 1, 2024
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities Moderate
CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
AndrewGMorgan
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and... Moderate Unreviewed
CVE-2024-29964 was published Apr 19, 2024
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3... Moderate Unreviewed
CVE-2024-22334 was published Apr 12, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows... Moderate Unreviewed
CVE-2024-28589 was published Apr 3, 2024
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions... Moderate Unreviewed
CVE-2024-25956 was published Mar 26, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions... Moderate Unreviewed
CVE-2024-28163 was published Mar 12, 2024
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to... Moderate Unreviewed
CVE-2024-25645 was published Mar 12, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access... Moderate Unreviewed
CVE-2024-25644 was published Mar 12, 2024
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL... Moderate Unreviewed
CVE-2024-24740 was published Feb 13, 2024
Spring Security's spring-security.xsd file is world writable Moderate
CVE-2023-34042 was published for org.springframework.security:spring-security-config (Maven) Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database