GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,195 advisories
Filter by severity
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2...
Moderate
Unreviewed
CVE-2024-38864
was published
Dec 19, 2024
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical...
Moderate
Unreviewed
CVE-2024-47104
was published
Dec 18, 2024
SurrealDB has Silent Failure to Overwrite Table Definition of Relation Type
Low
GHSA-27vq-hv74-7cqp
was published
for
surrealdb
(Rust)
Dec 16, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open...
Moderate
Unreviewed
CVE-2024-12564
was published
Dec 12, 2024
The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-12255
was published
Dec 12, 2024
Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24...
High
Unreviewed
CVE-2024-12363
was published
Dec 11, 2024
Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated...
High
Unreviewed
CVE-2024-7572
was published
Dec 10, 2024
Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated...
High
Unreviewed
CVE-2024-10256
was published
Dec 10, 2024
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local...
High
Unreviewed
CVE-2024-8540
was published
Dec 10, 2024
In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices...
Moderate
Unreviewed
CVE-2024-8256
was published
Dec 10, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical
Unreviewed
CVE-2024-41647
was published
Dec 7, 2024
Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8...
Moderate
Unreviewed
CVE-2024-45841
was published
Dec 5, 2024
The GriceMobile com.grice.call application 4.5.2 for Android enables any installed application ...
High
Unreviewed
CVE-2024-37574
was published
Dec 4, 2024
Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0...
Moderate
Unreviewed
CVE-2024-12151
was published
Dec 4, 2024
Incorrect permission assignment in temporary access requests component in Devolutions Remote...
High
Unreviewed
CVE-2024-12149
was published
Dec 4, 2024
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp...
Moderate
Unreviewed
CVE-2024-54159
was published
Nov 30, 2024
This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of...
Moderate
Unreviewed
CVE-2024-21703
was published
Nov 27, 2024
Affected devices create coredump files when crashed, storing them with world-readable permission....
Moderate
Unreviewed
CVE-2024-28955
was published
Nov 26, 2024
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation...
High
Unreviewed
CVE-2024-9244
was published
Nov 23, 2024
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation...
High
Unreviewed
CVE-2024-9245
was published
Nov 23, 2024
G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High
Unreviewed
CVE-2024-6871
was published
Nov 23, 2024
Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High
Unreviewed
CVE-2024-7245
was published
Nov 23, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to...
High
Unreviewed
CVE-2024-38646
was published
Nov 22, 2024
A low privileged remote attacker may modify the BACNet service properties due to incorrect...
High
Unreviewed
CVE-2024-41974
was published
Nov 18, 2024
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect...
Moderate
Unreviewed
CVE-2024-41970
was published
Nov 18, 2024
ProTip!
Advisories are also available from the
GraphQL API