Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,164 advisories

Loading
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy... High Unreviewed
CVE-2024-39709 was published Nov 13, 2024
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application... High Unreviewed
CVE-2024-47783 was published Nov 12, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected... High Unreviewed
CVE-2024-47808 was published Nov 12, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization... High Unreviewed
CVE-2024-45164 was published Nov 4, 2024
The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path... Low Unreviewed
CVE-2024-10228 was published Oct 30, 2024
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of... High Unreviewed
CVE-2024-0128 was published Oct 26, 2024
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
GHSA-x7xj-jvwp-97rv was published for github.com/rancher/rke2 (Go) Oct 25, 2024
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may... High Unreviewed
CVE-2023-33870 was published Oct 25, 2024
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier... Low Unreviewed
CVE-2024-46897 was published Oct 18, 2024
Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users... High Unreviewed
CVE-2023-6729 was published Oct 17, 2024
Insecure permissions in the packaging of tomcat allow local users that win a race during package... High Unreviewed
CVE-2024-22029 was published Oct 16, 2024
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead... Critical Unreviewed
CVE-2024-10018 was published Oct 16, 2024
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226... High Unreviewed
CVE-2024-44729 was published Oct 11, 2024
Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to... High Unreviewed
CVE-2024-7612 was published Oct 8, 2024
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows... Critical Unreviewed
CVE-2024-24117 was published Oct 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could... Moderate Unreviewed
CVE-2024-6360 was published Oct 2, 2024
Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default High
CVE-2024-7594 was published for github.com/hashicorp/vault (Go) Sep 26, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive... Low Unreviewed
CVE-2022-43845 was published Sep 25, 2024
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain... High Unreviewed
CVE-2024-8900 was published Sep 17, 2024
Improper permission configurationDomain configuration vulnerability of the mobile application ... Critical Unreviewed
CVE-2024-8039 was published Sep 16, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All... Critical Unreviewed
CVE-2024-41171 was published Sep 10, 2024
External Secrets Operator vulnerable to privilege escalation High
CVE-2024-45041 was published for github.com/external-secrets/external-secrets (Go) Sep 9, 2024
younaman
HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain... High Unreviewed
CVE-2024-38456 was published Sep 3, 2024
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed
CVE-2023-49582 was published Aug 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database