GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
58 advisories

The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path...
Low | Unreviewed | CVE-2024-10228 was published Oct 30, 2024

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier...
Low | Unreviewed | CVE-2024-46897 was published Oct 18, 2024

IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive...
Low | Unreviewed | CVE-2022-43845 was published Sep 25, 2024

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could...
Low | Unreviewed | CVE-2022-33167 was published Jul 30, 2024

Improper permission control in the mobile application (com.android.server.telecom) may lead to...
Low | Unreviewed | CVE-2024-6780 was published Jul 16, 2024

Improper export of Android application components issue exists in 'ABEMA' App for Android prior...
Low | Unreviewed | CVE-2024-28745 was published Mar 18, 2024

Apache Solr Schema Designer blindly "trusts" all configsets
Low | CVE-2023-50292 was published for org.apache.solr:solr-core (Maven) Feb 9, 2024

Spring Cloud Contract vulnerable to local information disclosure
Low | CVE-2024-22236 was published for org.springframework.cloud:spring-cloud-contract-shade (Maven) Jan 31, 2024

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low | Unreviewed | CVE-2023-49578 was published Dec 12, 2023

Default permissions for a properties file were too permissive. Local system users could read...
Low | Unreviewed | CVE-2023-26427 was published Jun 20, 2023

SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,...
Low | Unreviewed | CVE-2023-32114 was published Jun 13, 2023

Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lower
Low | CVE-2023-23939 was published for Azure/setup-kubectl (GitHub Actions) Mar 7, 2023

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission...
Low | Unreviewed | CVE-2022-34314 was published Nov 15, 2022

Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022...
Low | Unreviewed | CVE-2022-39887 was published Nov 10, 2022

Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued
Low | CVE-2022-39284 was published for codeigniter4/framework (Composer) Oct 6, 2022

In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user...
Low | Unreviewed | CVE-2022-20330 was published Aug 13, 2022

In ActivityManager, there is a possible way to check another process's capabilities due to a...
Low | Unreviewed | CVE-2022-20262 was published Aug 13, 2022

Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows...
Low | Unreviewed | CVE-2022-33689 was published Jul 13, 2022

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE)...
Low | Unreviewed | CVE-2021-34758 was published May 24, 2022

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to...
Low | Unreviewed | CVE-2020-0904 was published May 24, 2022

Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol...
Low | Unreviewed | CVE-2018-17766 was published May 24, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Low | Unreviewed | CVE-2020-4414 was published May 24, 2022

An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only....
Low | Unreviewed | CVE-2019-20883 was published May 24, 2022

An exposure of sensitive information flaw was found in Ansible Tower before version 3.7.1....
Low | Unreviewed | CVE-2020-10782 was published May 24, 2022

An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does...
Low | Unreviewed | CVE-2020-13696 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.