GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+
564 advisories
Filter by severity
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker...
High
Unreviewed
CVE-2024-21937
was published
Nov 12, 2024
Incorrect default permissions in the AMD Provisioning Console installation directory could allow...
High
Unreviewed
CVE-2024-21958
was published
Nov 12, 2024
Incorrect default permissions in the AMD Management Console installation directory could allow an...
High
Unreviewed
CVE-2024-21957
was published
Nov 12, 2024
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center...
High
Unreviewed
CVE-2024-21938
was published
Nov 12, 2024
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation...
High
Unreviewed
CVE-2024-21939
was published
Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could...
High
Unreviewed
CVE-2024-21946
was published
Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory...
High
Unreviewed
CVE-2024-21945
was published
Nov 12, 2024
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
High
Unreviewed
CVE-2024-49504
was published
Nov 13, 2024
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations...
High
Unreviewed
CVE-2024-21820
was published
Nov 13, 2024
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier...
High
Unreviewed
CVE-2024-43081
was published
Nov 13, 2024
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents...
High
Unreviewed
CVE-2024-43085
was published
Nov 13, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display...
High
Unreviewed
CVE-2024-40660
was published
Nov 13, 2024
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin
High
CVE-2024-52551
was published
for
org.jenkinsci.plugins:pipeline-model-parent
(Maven)
Nov 13, 2024
Django allows unintended model editing
High
CVE-2019-19118
was published
for
Django
(pip)
Dec 4, 2019
Incorrect Default Permissions in Apache DolphinScheduler
High
CVE-2020-13922
was published
for
org.apache.dolphinscheduler:dolphinscheduler-api
(Maven)
Feb 9, 2022
Kubernetes sets incorrect permissions on Windows containers logs
High
CVE-2024-5321
was published
for
k8s.io/kubernetes
(Go)
Jul 18, 2024
Kubean vulnerable to cluster-level privilege escalation
High
CVE-2024-41820
was published
for
github.com/kubean-io/kubean
(Go)
Aug 5, 2024
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading...
High
Unreviewed
CVE-2017-13310
was published
Nov 16, 2024
In the read() function of ProcessStats.java, there is a possible read/write serialization issue...
High
Unreviewed
CVE-2017-13311
was published
Nov 16, 2024
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are...
High
Unreviewed
CVE-2024-52867
was published
Nov 17, 2024
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total...
High
Unreviewed
CVE-2024-48292
was published
Nov 18, 2024
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to...
High
Unreviewed
CVE-2017-13312
was published
Nov 16, 2024
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there...
High
Unreviewed
CVE-2018-9432
was published
Nov 20, 2024
In bootloader there is fastboot command allowing user specified kernel command line arguments....
High
Unreviewed
CVE-2018-9369
was published
Nov 19, 2024
MLflow's excessive directory permissions allow local privilege escalation
High
CVE-2024-27134
was published
for
mlflow
(pip)
Nov 25, 2024
ProTip!
Advisories are also available from the
GraphQL API