Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,106 advisories

Loading
Kubean vulnerable to cluster-level privilege escalation Moderate
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP... High Unreviewed
CVE-2024-31202 was published Jul 31, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed
CVE-2024-41685 was published Jul 26, 2024
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics... Critical Unreviewed
CVE-2024-5618 was published Jul 18, 2024
A privilege escalation vulnerability exists in the affected products which could allow a... High Unreviewed
CVE-2024-6435 was published Jul 16, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2024-20456 was published Jul 10, 2024
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2... High Unreviewed
CVE-2024-28827 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low... Unknown Unreviewed
CVE-2024-37369 was published Jun 14, 2024
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2024-3668 was published Jun 8, 2024
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-30369 was published Jun 6, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow... Moderate Unreviewed
CVE-2024-21835 was published May 16, 2024
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering... High Unreviewed
CVE-2023-5936 was published May 15, 2024
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... Low Unreviewed
CVE-2023-5937 was published May 15, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products Moderate Unreviewed
CVE-2024-27108 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-33499 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed
CVE-2024-30208 was published May 14, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices High Unreviewed
CVE-2024-1486 was published May 14, 2024
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2023-51579 was published May 3, 2024
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-40516 was published May 3, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security... Moderate Unreviewed
CVE-2024-24912 was published May 1, 2024
Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi... Critical Unreviewed
CVE-2024-33435 was published Apr 29, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
ProTip! Advisories are also available from the GraphQL API