GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,236 advisories
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy... (High, Unreviewed)
CVE-2024-39709 was published Nov 13, 2024

Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows... (Critical, Unreviewed)
CVE-2024-24117 was published Oct 2, 2024

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect... (Moderate, Unreviewed)
CVE-2024-41970 was published Nov 18, 2024

A low privileged remote attacker may modify the BACNet service properties due to incorrect... (High, Unreviewed)
CVE-2024-41974 was published Nov 18, 2024

Incorrect Permission Assignment for Critical Resource in Ansible (Moderate)
CVE-2020-1736 was published for ansible (pip) Feb 9, 2022

Grafana information disclosure (High)
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022

Grafana world readable configuration files (High)
CVE-2020-12459 was published for github.com/grafana/grafana (Go) May 24, 2022

On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... (Moderate, Unreviewed)
CVE-2023-5937 was published May 15, 2024

Kubean vulnerable to cluster-level privilege escalation (High)
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024

Improper export of Android application components issue exists in 'ABEMA' App for Android prior... (Low, Unreviewed)
CVE-2024-28745 was published Mar 18, 2024

Local Privilege Escalation in Windows (High)
CVE-2023-49797 was published for pyinstaller (pip) Dec 9, 2023

An incorrect permission assignment for critical resource vulnerability has been reported to... (High, Unreviewed)
CVE-2024-38646 was published Nov 22, 2024

G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... (High, Unreviewed)
CVE-2024-6871 was published Nov 23, 2024

Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... (High, Unreviewed)
CVE-2024-7245 was published Nov 23, 2024

Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation... (High, Unreviewed)
CVE-2024-9245 was published Nov 23, 2024

Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation... (High, Unreviewed)
CVE-2024-9244 was published Nov 23, 2024

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS... (Low, Unreviewed)
CVE-2024-44575 was published Sep 11, 2024

Affected devices create coredump files when crashed, storing them with world-readable permission.... (Moderate, Unreviewed)
CVE-2024-28955 was published Nov 26, 2024

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD)... (Moderate, Unreviewed)
CVE-2020-3312 was published May 24, 2022

This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of... (Moderate, Unreviewed)
CVE-2024-21703 was published Nov 27, 2024

Spring Security's spring-security.xsd file is world writable (Moderate)
CVE-2023-34042 was published for org.springframework.security:spring-security-config (Maven) Feb 6, 2024

stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp... (Moderate, Unreviewed)
CVE-2024-54159 was published Nov 30, 2024

Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle... (Moderate, Unreviewed)
CVE-2024-21063 was published Apr 17, 2024

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8... (Moderate, Unreviewed)
CVE-2024-45841 was published Dec 5, 2024

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0... (Moderate, Unreviewed)
CVE-2024-12151 was published Dec 4, 2024

ProTip! Advisories are also available from the GraphQL API