GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,377

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,079 advisories

Filter by severity

Sort by

Least recently updated

Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00... High Unreviewed

CVE-2024-4229 was published Dec 19, 2024

Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned... High Unreviewed

CVE-2024-49202 was published Dec 18, 2024

CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed

CVE-2024-38499 was published Dec 17, 2024

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed

CVE-2024-55956 was published Dec 13, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2024-44224 was published Dec 12, 2024

Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2024-11872 was published Dec 12, 2024

Under specific circumstances, insecure permissions in Ivanti Application Control before version... High Unreviewed

CVE-2024-11598 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Performance Manager before version... High Unreviewed

CVE-2024-11597 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Security Controls before version... High Unreviewed

CVE-2024-10251 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1... High Unreviewed

CVE-2024-9845 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10... High Unreviewed

CVE-2024-8496 was published Dec 11, 2024

An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed

CVE-2024-45494 was published Dec 10, 2024

COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed

CVE-2024-54751 was published Dec 10, 2024

WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed

CVE-2024-54745 was published Dec 6, 2024

WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed

CVE-2024-54747 was published Dec 6, 2024

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their... High Unreviewed

CVE-2024-46624 was published Dec 4, 2024

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can... Low Unreviewed

CVE-2024-53921 was published Dec 3, 2024

Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) High

CVE-2024-54131 was published for github.com/kolide/launcher (Go) Dec 3, 2024

In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input... High Unreviewed

CVE-2018-9431 was published Dec 3, 2024

Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard... Critical Unreviewed

CVE-2024-53484 was published Dec 2, 2024

The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder... High Unreviewed

CVE-2024-11969 was published Nov 28, 2024

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible... Critical Unreviewed

CVE-2024-46054 was published Nov 27, 2024

Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed

CVE-2024-52323 was published Nov 27, 2024

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed

CVE-2024-11703 was published Nov 26, 2024

Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is... Moderate Unreviewed

CVE-2024-6476 was published Nov 26, 2024

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,079 advisories