Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,172 advisories

Loading
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2024-9244 was published Nov 23, 2024
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2024-9245 was published Nov 23, 2024
Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-7245 was published Nov 23, 2024
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-6871 was published Nov 23, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... High Unreviewed
CVE-2024-38646 was published Nov 22, 2024
Local Privilege Escalation in Windows High
CVE-2023-49797 was published for pyinstaller (pip) Dec 9, 2023
Improper export of Android application components issue exists in 'ABEMA' App for Android prior... Low Unreviewed
CVE-2024-28745 was published Mar 18, 2024
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... Moderate Unreviewed
CVE-2023-5937 was published May 15, 2024
Grafana world readable configuration files High
CVE-2020-12459 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana information disclosure High
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
Incorrect Permission Assignment for Critical Resource in Ansible Moderate
CVE-2020-1736 was published for ansible (pip) Feb 9, 2022
A low privileged remote attacker may modify the BACNet service properties due to incorrect... High Unreviewed
CVE-2024-41974 was published Nov 18, 2024
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect... Moderate Unreviewed
CVE-2024-41970 was published Nov 18, 2024
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows... Critical Unreviewed
CVE-2024-24117 was published Oct 2, 2024
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy... High Unreviewed
CVE-2024-39709 was published Nov 13, 2024
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed
CVE-2023-34437 was published Oct 19, 2023
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected... High Unreviewed
CVE-2024-47808 was published Nov 12, 2024
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application... High Unreviewed
CVE-2024-47783 was published Nov 12, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization... High Unreviewed
CVE-2024-45164 was published Nov 4, 2024
Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2023-52554 was published Apr 8, 2024
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network... Moderate Unreviewed
CVE-2024-37087 was published Jun 25, 2024
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain... High Unreviewed
CVE-2024-8900 was published Sep 17, 2024
Improper permission control in the mobile application (com.android.server.telecom) may lead to... Low Unreviewed
CVE-2024-6780 was published Jul 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database