GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,031 advisories
Filter by severity
A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to...
Moderate
Unreviewed
CVE-2024-10183
was published
Oct 22, 2024
A vulnerability in the NuPoint Messenger (NPM) component of Mitel MiCollab through version 9.8...
Moderate
Unreviewed
CVE-2024-35287
was published
Oct 21, 2024
Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present
Moderate
CVE-2024-47825
was published
for
github.com/cilium/cilium
(Go)
Oct 21, 2024
Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A...
Moderate
Unreviewed
CVE-2024-47240
was published
Oct 18, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
High
Unreviewed
CVE-2024-49389
was published
Oct 17, 2024
There exists an insecure default user permission in Google Cloud Migrate to containers from...
Moderate
Unreviewed
CVE-2024-9858
was published
Oct 16, 2024
A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby...
Moderate
Unreviewed
CVE-2024-5474
was published
Oct 11, 2024
An Incorrect Default Permissions vulnerability in the command line interface (CLI) of Juniper...
Moderate
Unreviewed
CVE-2024-39544
was published
Oct 11, 2024
PAX Android based POS devices allow for escalation of privilege via improperly configured scripts...
Moderate
Unreviewed
CVE-2023-42133
was published
Oct 11, 2024
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before...
High
Unreviewed
CVE-2024-9167
was published
Oct 8, 2024
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to...
Moderate
Unreviewed
CVE-2024-46544
was published
Sep 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
selinux,smack: don't bypass...
Moderate
Unreviewed
CVE-2024-46695
was published
Sep 13, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-38222
was published
Sep 12, 2024
In multiple locations, there is a possible permission bypass due to a confused deputy. This could...
High
Unreviewed
CVE-2024-40654
was published
Sep 11, 2024
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7...
Moderate
Unreviewed
CVE-2024-34661
was published
Sep 4, 2024
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1...
Moderate
Unreviewed
CVE-2024-34648
was published
Sep 4, 2024
Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2024-34018
was published
Aug 29, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise...
Critical
Unreviewed
CVE-2024-44760
was published
Aug 28, 2024
ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate attacker to read kernel...
High
Unreviewed
CVE-2023-45896
was published
Aug 28, 2024
request_store has Incorrect Default Permissions
Moderate
CVE-2024-43791
was published
for
request_store
(RubyGems)
Aug 23, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo...
High
Unreviewed
CVE-2024-4763
was published
Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and...
High
Unreviewed
CVE-2024-2175
was published
Aug 16, 2024
Improper Preservation of Permissions in xxl-job
High
CVE-2024-42681
was published
for
com.xuxueli:xxl-job-core
(Maven)
Aug 15, 2024
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow...
Moderate
Unreviewed
CVE-2024-26025
was published
Aug 14, 2024
ProTip!
Advisories are also available from the
GraphQL API