Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,077 advisories

Loading
Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated... Moderate Unreviewed
CVE-2024-23974 was published Aug 14, 2024
Incorrect default permissions for some Intel(R) Connectivity Performance Suite software... Moderate Unreviewed
CVE-2023-43747 was published Aug 14, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to... High Unreviewed
CVE-2023-31349 was published Aug 13, 2024
In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and... Moderate Unreviewed
CVE-2024-6640 was published Aug 12, 2024
CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed
CVE-2024-42062 was published Aug 7, 2024
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows... Moderate Unreviewed
CVE-2024-34617 was published Aug 7, 2024
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1... Moderate Unreviewed
CVE-2024-34616 was published Aug 7, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed
CVE-2024-7525 was published Aug 6, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory... High Unreviewed
CVE-2024-43114 was published Aug 6, 2024
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on... High Unreviewed
CVE-2024-6974 was published Jul 31, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10... High Unreviewed
CVE-2024-40805 was published Jul 30, 2024
A permissions issue was addressed by removing vulnerable code and adding additional checks. This... High Unreviewed
CVE-2024-27888 was published Jul 30, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with... High Unreviewed
CVE-2024-42053 was published Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and... High Unreviewed
CVE-2024-36541 was published Jul 24, 2024
An incorrect permission in the installation directory for the shared NI SystemLink Server... Moderate Unreviewed
CVE-2024-6122 was published Jul 22, 2024
Kubernetes sets incorrect permissions on Windows containers logs High
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported... Low Unreviewed
CVE-2024-21123 was published Jul 17, 2024
Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft ... Moderate Unreviewed
CVE-2024-21122 was published Jul 17, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www... Moderate Unreviewed
CVE-2024-6325 was published Jul 16, 2024
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient... High Unreviewed
CVE-2024-32861 was published Jul 16, 2024
Denial of service vulnerability present shortly after product installation or upgrade,... Moderate Unreviewed
CVE-2024-3779 was published Jul 16, 2024
In multiple locations, there is a possible information leak due to a missing permission check.... Moderate Unreviewed
CVE-2024-31312 was published Jul 9, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database