Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

383 advisories

Loading
Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software... Moderate Unreviewed
CVE-2024-42419 was published Feb 13, 2025
Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19... Moderate Unreviewed
CVE-2024-32942 was published Feb 13, 2025
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2025-24826 was published Jan 28, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-24140 was published Jan 28, 2025
Weak default folder permissions Moderate Unreviewed
CVE-2024-55930 was published Jan 23, 2025
Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 allows a remote attacker to... Moderate Unreviewed
CVE-2024-40514 was published Jan 17, 2025
Insecure permissions in the XNetSocketClient component of XINJE XDPPro.exe v3.2.2 to v3.7.17c... Moderate Unreviewed
CVE-2024-52783 was published Jan 15, 2025
IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as... Moderate Unreviewed
CVE-2024-43176 was published Jan 9, 2025
Permission control vulnerability in the Connectivity module Impact: Successful exploitation of... Moderate Unreviewed
CVE-2024-56440 was published Jan 8, 2025
Vulnerability of improper permission control in the Gallery module Impact: Successful... Moderate Unreviewed
CVE-2023-52954 was published Jan 8, 2025
PVH guests have their ACPI tables constructed by the toolstack. The construction involves... Moderate Unreviewed
CVE-2024-45819 was published Dec 19, 2024
Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is... Moderate Unreviewed
CVE-2024-6476 was published Nov 26, 2024
An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate... Moderate Unreviewed
CVE-2024-50657 was published Nov 22, 2024
A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login?... Moderate Unreviewed
CVE-2024-48533 was published Nov 20, 2024
Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated... Moderate Unreviewed
CVE-2024-48293 was published Nov 18, 2024
A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS).... Moderate Unreviewed
CVE-2024-51764 was published Nov 16, 2024
A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS).... Moderate Unreviewed
CVE-2024-51765 was published Nov 16, 2024
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may... Moderate Unreviewed
CVE-2024-35201 was published Nov 13, 2024
Incorrect default permissions in some Intel(R) Distribution for Python software before version... Moderate Unreviewed
CVE-2024-29083 was published Nov 13, 2024
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows... Moderate Unreviewed
CVE-2024-25647 was published Nov 13, 2024
In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak... Moderate Unreviewed
CVE-2024-43086 was published Nov 13, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46894 was published Nov 12, 2024
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to... Moderate Unreviewed
CVE-2024-47593 was published Nov 12, 2024
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to... Moderate Unreviewed
CVE-2024-34679 was published Nov 6, 2024
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users. Moderate Unreviewed
CVE-2024-10469 was published Oct 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database