GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,195 advisories
Filter by severity
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation...
High
Unreviewed
CVE-2024-9244
was published
Nov 23, 2024
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation...
High
Unreviewed
CVE-2024-9245
was published
Nov 23, 2024
Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High
Unreviewed
CVE-2024-7245
was published
Nov 23, 2024
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High
Unreviewed
CVE-2024-6871
was published
Nov 23, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to...
High
Unreviewed
CVE-2024-38646
was published
Nov 22, 2024
Local Privilege Escalation in Windows
High
CVE-2023-49797
was published
for
pyinstaller
(pip)
Dec 9, 2023
Improper export of Android application components issue exists in 'ABEMA' App for Android prior...
Low
Unreviewed
CVE-2024-28745
was published
Mar 18, 2024
Kubean vulnerable to cluster-level privilege escalation
High
CVE-2024-41820
was published
for
github.com/kubean-io/kubean
(Go)
Aug 5, 2024
On Windows systems, the Arc configuration files resulted to be world-readable.
This can lead...
Moderate
Unreviewed
CVE-2023-5937
was published
May 15, 2024
Grafana information disclosure
High
CVE-2020-12458
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
Grafana world readable configuration files
High
CVE-2020-12459
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
Incorrect Permission Assignment for Critical Resource in Ansible
Moderate
CVE-2020-1736
was published
for
ansible
(pip)
Feb 9, 2022
A low privileged remote attacker may modify the BACNet service properties due to incorrect...
High
Unreviewed
CVE-2024-41974
was published
Nov 18, 2024
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect...
Moderate
Unreviewed
CVE-2024-41970
was published
Nov 18, 2024
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows...
Critical
Unreviewed
CVE-2024-24117
was published
Oct 2, 2024
Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 and Ivanti Policy...
High
Unreviewed
CVE-2024-39709
was published
Nov 13, 2024
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05
contains a vulnerability...
High
Unreviewed
CVE-2023-34437
was published
Oct 19, 2023
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application...
High
Unreviewed
CVE-2024-47783
was published
Nov 12, 2024
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected...
High
Unreviewed
CVE-2024-47808
was published
Nov 12, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High
Unreviewed
CVE-2024-45164
was published
Nov 4, 2024
Permission control vulnerability in the Bluetooth module.
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-52554
was published
Apr 8, 2024
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists
Critical
CVE-2023-32197
was published
for
github.com/rancher/rancher
(Go)
Oct 25, 2024
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network...
Moderate
Unreviewed
CVE-2024-37087
was published
Jun 25, 2024
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain...
High
Unreviewed
CVE-2024-8900
was published
Sep 17, 2024
Improper permission control in the mobile application (com.android.server.telecom) may lead to...
Low
Unreviewed
CVE-2024-6780
was published
Jul 16, 2024
ProTip!
Advisories are also available from the
GraphQL API