Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

519 advisories

Loading
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are... High Unreviewed
CVE-2024-52867 was published Nov 17, 2024
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total... High Unreviewed
CVE-2024-48292 was published Nov 18, 2024
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to... High Unreviewed
CVE-2017-13312 was published Nov 16, 2024
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there... High Unreviewed
CVE-2018-9432 was published Nov 20, 2024
In bootloader there is fastboot command allowing user specified kernel command line arguments.... High Unreviewed
CVE-2018-9369 was published Nov 19, 2024
MLflow's excessive directory permissions allow local privilege escalation High
CVE-2024-27134 was published for mlflow (pip) Nov 25, 2024
By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 can be accessed by other... High Unreviewed
CVE-2024-46467 was published Nov 15, 2024
By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI... High Unreviewed
CVE-2024-46466 was published Nov 15, 2024
By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users... High Unreviewed
CVE-2024-46465 was published Nov 15, 2024
By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users... High Unreviewed
CVE-2024-46463 was published Nov 15, 2024
By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users... High Unreviewed
CVE-2024-46462 was published Nov 15, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder... High Unreviewed
CVE-2024-11969 was published Nov 28, 2024
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input... High Unreviewed
CVE-2018-9431 was published Dec 3, 2024
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) High
CVE-2024-54131 was published for github.com/kolide/launcher (Go) Dec 3, 2024
An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their... High Unreviewed
CVE-2024-46624 was published Dec 4, 2024
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for... High Unreviewed
CVE-2023-32351 was published Jun 23, 2023
In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or... High Unreviewed
CVE-2023-21175 was published Jun 28, 2023
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4,... High Unreviewed
CVE-2023-32405 was published Jun 23, 2023
In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard... High Unreviewed
CVE-2023-21187 was published Jun 28, 2023
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-23253 was published Mar 8, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10... High Unreviewed
CVE-2024-40805 was published Jul 30, 2024
A permissions issue was addressed by removing vulnerable code and adding additional checks. This... High Unreviewed
CVE-2024-27888 was published Jul 30, 2024
Under specific circumstances, insecure permissions in Ivanti Application Control before version... High Unreviewed
CVE-2024-11598 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version... High Unreviewed
CVE-2024-11597 was published Dec 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database