Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

434 advisories

Loading
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... Moderate Unreviewed
CVE-2023-5937 was published May 15, 2024
Incorrect Permission Assignment for Critical Resource in Ansible Moderate
CVE-2020-1736 was published for ansible (pip) Feb 9, 2022
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect... Moderate Unreviewed
CVE-2024-41970 was published Nov 18, 2024
Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2023-52554 was published Apr 8, 2024
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network... Moderate Unreviewed
CVE-2024-37087 was published Jun 25, 2024
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote... Moderate Unreviewed
CVE-2022-36800 was published Aug 4, 2022
SaltStack Salt Allows creating certificates with weak file permissions Moderate
CVE-2020-17490 was published for salt (pip) May 24, 2022
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed
CVE-2023-5136 was published Nov 8, 2023
Incorrect Permission Assignment for Critical Resource in OnionShare Moderate
CVE-2022-21694 was published for onionshare-cli (pip) Jan 21, 2022
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag... Moderate Unreviewed
CVE-2024-6739 was published Jul 15, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could... Moderate Unreviewed
CVE-2024-6360 was published Oct 2, 2024
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to... Moderate Unreviewed
CVE-2024-25645 was published Mar 12, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access... Moderate Unreviewed
CVE-2024-25644 was published Mar 12, 2024
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL... Moderate Unreviewed
CVE-2024-24740 was published Feb 13, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions... Moderate Unreviewed
CVE-2024-28163 was published Mar 12, 2024
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and... Moderate Unreviewed
CVE-2024-29964 was published Apr 19, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before... Moderate Unreviewed
CVE-2024-23908 was published Aug 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before... Moderate Unreviewed
CVE-2024-25561 was published Aug 14, 2024
Gitea allowed assignment of private issues Moderate
CVE-2022-38183 was published for code.gitea.io/gitea (Go) Aug 13, 2022
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed
CVE-2023-49582 was published Aug 26, 2024
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed
CVE-2022-43915 was published Aug 24, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat... Moderate Unreviewed
CVE-2024-7986 was published Aug 23, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-5915 was published Aug 14, 2024
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software... Moderate Unreviewed
CVE-2022-41700 was published Nov 14, 2023
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database