GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,195 advisories
Filter by severity
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy...
High
Unreviewed
CVE-2024-39709
was published
Nov 13, 2024
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application...
High
Unreviewed
CVE-2024-47783
was published
Nov 12, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected...
High
Unreviewed
CVE-2024-47808
was published
Nov 12, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High
Unreviewed
CVE-2024-45164
was published
Nov 4, 2024
The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path...
Low
Unreviewed
CVE-2024-10228
was published
Oct 30, 2024
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of...
High
Unreviewed
CVE-2024-0128
was published
Oct 26, 2024
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists
Critical
GHSA-x7xj-jvwp-97rv
was published
for
github.com/rancher/rke2
(Go)
Oct 25, 2024
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists
Critical
CVE-2023-32197
was published
for
github.com/rancher/rancher
(Go)
Oct 25, 2024
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may...
High
Unreviewed
CVE-2023-33870
was published
Oct 25, 2024
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier...
Low
Unreviewed
CVE-2024-46897
was published
Oct 18, 2024
Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users...
High
Unreviewed
CVE-2023-6729
was published
Oct 17, 2024
Insecure permissions in the packaging of tomcat allow local users that win a race during package...
High
Unreviewed
CVE-2024-22029
was published
Oct 16, 2024
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead...
Critical
Unreviewed
CVE-2024-10018
was published
Oct 16, 2024
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226...
High
Unreviewed
CVE-2024-44729
was published
Oct 11, 2024
Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to...
High
Unreviewed
CVE-2024-7612
was published
Oct 8, 2024
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows...
Critical
Unreviewed
CVE-2024-24117
was published
Oct 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could...
Moderate
Unreviewed
CVE-2024-6360
was published
Oct 2, 2024
Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default
High
CVE-2024-7594
was published
for
github.com/hashicorp/vault
(Go)
Sep 26, 2024
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive...
Low
Unreviewed
CVE-2022-43845
was published
Sep 25, 2024
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain...
High
Unreviewed
CVE-2024-8900
was published
Sep 17, 2024
Improper permission configurationDomain configuration vulnerability of the mobile application ...
Critical
Unreviewed
CVE-2024-8039
was published
Sep 16, 2024
RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS...
Low
Unreviewed
CVE-2024-44575
was published
Sep 11, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All...
Critical
Unreviewed
CVE-2024-41171
was published
Sep 10, 2024
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain...
High
Unreviewed
CVE-2024-38456
was published
Sep 3, 2024
ProTip!
Advisories are also available from the
GraphQL API