GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
429 advisories
Filter by severity
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to...
Moderate
Unreviewed
CVE-2024-25645
was published
Mar 12, 2024
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL...
Moderate
Unreviewed
CVE-2024-24740
was published
Feb 13, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access...
Moderate
Unreviewed
CVE-2024-25644
was published
Mar 12, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions...
Moderate
Unreviewed
CVE-2024-28163
was published
Mar 12, 2024
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and...
Moderate
Unreviewed
CVE-2024-29964
was published
Apr 19, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before...
Moderate
Unreviewed
CVE-2024-25561
was published
Aug 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before...
Moderate
Unreviewed
CVE-2024-23908
was published
Aug 14, 2024
Kubean vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-41820
was published
for
github.com/kubean-io/kubean
(Go)
Aug 5, 2024
Gitea allowed assignment of private issues
Moderate
CVE-2022-38183
was published
for
code.gitea.io/gitea
(Go)
Aug 13, 2022
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local...
Moderate
Unreviewed
CVE-2023-49582
was published
Aug 26, 2024
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,...
Moderate
Unreviewed
CVE-2022-43915
was published
Aug 24, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat...
Moderate
Unreviewed
CVE-2024-7986
was published
Aug 23, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-5915
was published
Aug 14, 2024
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software...
Moderate
Unreviewed
CVE-2022-41700
was published
Nov 14, 2023
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
Moderate
Unreviewed
CVE-2024-39875
was published
Jul 9, 2024
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and...
Moderate
Unreviewed
CVE-2021-3557
was published
Feb 17, 2022
snapd failed to restrict writes to the $HOME/bin path
Moderate
CVE-2024-1724
was published
for
github.com/snapcore/snapd
(Go)
Jul 25, 2024
Grafana information disclosure
Moderate
CVE-2020-12458
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
Grafana world readable configuration files
Moderate
CVE-2020-12459
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for...
Moderate
Unreviewed
CVE-2024-41685
was published
Jul 26, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows...
Moderate
Unreviewed
CVE-2024-28589
was published
Apr 3, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local...
Moderate
Unreviewed
CVE-2024-20456
was published
Jul 10, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security...
Moderate
Unreviewed
CVE-2024-24912
was published
May 1, 2024
Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin
Moderate
CVE-2022-20616
was published
for
org.jenkins-ci.plugins:credentials-binding
(Maven)
Jan 13, 2022
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-21305
was published
Jan 9, 2024
ProTip!
Advisories are also available from the
GraphQL API