GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,079 advisories
Filter by severity
By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI...
High
Unreviewed
CVE-2024-46466
was published
Nov 15, 2024
HCL Connections is vulnerable to a broken access control vulnerability that may allow an...
Low
Unreviewed
CVE-2024-42188
was published
Nov 14, 2024
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin
High
CVE-2024-52551
was published
for
org.jenkinsci.plugins:pipeline-model-parent
(Maven)
Nov 13, 2024
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may...
Moderate
Unreviewed
CVE-2024-35201
was published
Nov 13, 2024
Incorrect default permissions in some Intel(R) Distribution for Python software before version...
Moderate
Unreviewed
CVE-2024-29083
was published
Nov 13, 2024
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows...
Moderate
Unreviewed
CVE-2024-25647
was published
Nov 13, 2024
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations...
High
Unreviewed
CVE-2024-21820
was published
Nov 13, 2024
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents...
High
Unreviewed
CVE-2024-43085
was published
Nov 13, 2024
In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak...
Moderate
Unreviewed
CVE-2024-43086
was published
Nov 13, 2024
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier...
High
Unreviewed
CVE-2024-43081
was published
Nov 13, 2024
In updateInternal of MediaProvider.java , there is a possible access of another app's files due...
High
Unreviewed
CVE-2024-43089
was published
Nov 13, 2024
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to...
High
Unreviewed
CVE-2024-40661
was published
Nov 13, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display...
High
Unreviewed
CVE-2024-40660
was published
Nov 13, 2024
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
High
Unreviewed
CVE-2024-49504
was published
Nov 13, 2024
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center...
High
Unreviewed
CVE-2024-21938
was published
Nov 12, 2024
Incorrect default permissions in the AMD Provisioning Console installation directory could allow...
High
Unreviewed
CVE-2024-21958
was published
Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory...
High
Unreviewed
CVE-2024-21945
was published
Nov 12, 2024
Incorrect default permissions in the AMD Management Console installation directory could allow an...
High
Unreviewed
CVE-2024-21957
was published
Nov 12, 2024
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation...
High
Unreviewed
CVE-2024-21939
was published
Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could...
High
Unreviewed
CVE-2024-21946
was published
Nov 12, 2024
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker...
High
Unreviewed
CVE-2024-21937
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46894
was published
Nov 12, 2024
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to...
Moderate
Unreviewed
CVE-2024-47593
was published
Nov 12, 2024
Moodle has insufficient access control
Low
CVE-2024-43430
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func...
Critical
Unreviewed
CVE-2023-27195
was published
Nov 8, 2024
ProTip!
Advisories are also available from the
GraphQL API