Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,077 advisories

Loading
CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed
CVE-2024-38499 was published Dec 17, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed
CVE-2024-55956 was published Dec 13, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-44224 was published Dec 12, 2024
Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-11872 was published Dec 12, 2024
Under specific circumstances, insecure permissions in Ivanti Application Control before version... High Unreviewed
CVE-2024-11598 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version... High Unreviewed
CVE-2024-11597 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Security Controls before version... High Unreviewed
CVE-2024-10251 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1... High Unreviewed
CVE-2024-9845 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10... High Unreviewed
CVE-2024-8496 was published Dec 11, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed
CVE-2024-45494 was published Dec 10, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54751 was published Dec 10, 2024
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54747 was published Dec 6, 2024
WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed
CVE-2024-54745 was published Dec 6, 2024
An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their... High Unreviewed
CVE-2024-46624 was published Dec 4, 2024
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can... Low Unreviewed
CVE-2024-53921 was published Dec 3, 2024
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) High
CVE-2024-54131 was published for github.com/kolide/launcher (Go) Dec 3, 2024
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input... High Unreviewed
CVE-2018-9431 was published Dec 3, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard... Critical Unreviewed
CVE-2024-53484 was published Dec 2, 2024
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder... High Unreviewed
CVE-2024-11969 was published Nov 28, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible... Critical Unreviewed
CVE-2024-46054 was published Nov 27, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed
CVE-2024-11703 was published Nov 26, 2024
Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is... Moderate Unreviewed
CVE-2024-6476 was published Nov 26, 2024
MLflow's excessive directory permissions allow local privilege escalation High
CVE-2024-27134 was published for mlflow (pip) Nov 25, 2024
Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address... Unknown Unreviewed
CVE-2024-44786 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database