Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,232 advisories

Loading
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources High
CVE-2021-25318 was published for github.com/rancher/rancher (Go) Apr 24, 2024
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities Moderate
CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
AndrewGMorgan
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and... Moderate Unreviewed
CVE-2024-29964 was published Apr 19, 2024
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security... High Unreviewed
CVE-2024-24910 was published Apr 18, 2024
Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle... Moderate Unreviewed
CVE-2024-21063 was published Apr 17, 2024
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3... Moderate Unreviewed
CVE-2024-22334 was published Apr 12, 2024
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an... High Unreviewed
CVE-2024-25646 was published Apr 9, 2024
Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2023-52554 was published Apr 8, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows... Moderate Unreviewed
CVE-2024-28589 was published Apr 3, 2024
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions... Moderate Unreviewed
CVE-2024-25956 was published Mar 26, 2024
WiX based installers are vulnerable to binary hijack when run as SYSTEM High
CVE-2024-29187 was published for WixToolset.Sdk (NuGet) Mar 25, 2024
KNaceri rohitmothe
Improper export of Android application components issue exists in 'ABEMA' App for Android prior... Low Unreviewed
CVE-2024-28745 was published Mar 18, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21431 was published Mar 12, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions... Moderate Unreviewed
CVE-2024-28163 was published Mar 12, 2024
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to... Moderate Unreviewed
CVE-2024-25645 was published Mar 12, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access... Moderate Unreviewed
CVE-2024-25644 was published Mar 12, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform... Critical Unreviewed
CVE-2024-21915 was published Feb 16, 2024
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL... Moderate Unreviewed
CVE-2024-24740 was published Feb 13, 2024
Apache Solr Schema Designer blindly "trusts" all configsets Low
CVE-2023-50292 was published for org.apache.solr:solr-core (Maven) Feb 9, 2024
Spring Security's spring-security.xsd file is world writable Moderate
CVE-2023-34042 was published for org.springframework.security:spring-security-config (Maven) Feb 6, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... High Unreviewed
CVE-2023-47564 was published Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation... High Unreviewed
CVE-2020-24681 was published Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write... High Unreviewed
CVE-2024-22016 was published Feb 2, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database