GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,198

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

447 advisories

Filter by severity

Sort by

Least recently updated

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2... Moderate Unreviewed

CVE-2024-38864 was published Dec 19, 2024

IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical... Moderate Unreviewed

CVE-2024-47104 was published Dec 18, 2024

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open... Moderate Unreviewed

CVE-2024-12564 was published Dec 12, 2024

The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information... Moderate Unreviewed

CVE-2024-12255 was published Dec 12, 2024

In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices... Moderate Unreviewed

CVE-2024-8256 was published Dec 10, 2024

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8... Moderate Unreviewed

CVE-2024-45841 was published Dec 5, 2024

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0... Moderate Unreviewed

CVE-2024-12151 was published Dec 4, 2024

stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp... Moderate Unreviewed

CVE-2024-54159 was published Nov 30, 2024

This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of... Moderate Unreviewed

CVE-2024-21703 was published Nov 27, 2024

Affected devices create coredump files when crashed, storing them with world-readable permission.... Moderate Unreviewed

CVE-2024-28955 was published Nov 26, 2024

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect... Moderate Unreviewed

CVE-2024-41970 was published Nov 18, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could... Moderate Unreviewed

CVE-2024-6360 was published Oct 2, 2024

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed

CVE-2023-49582 was published Aug 26, 2024

IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed

CVE-2022-43915 was published Aug 24, 2024

A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat... Moderate Unreviewed

CVE-2024-7986 was published Aug 23, 2024

A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed

CVE-2024-5915 was published Aug 14, 2024

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before... Moderate Unreviewed

CVE-2024-25561 was published Aug 14, 2024

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before... Moderate Unreviewed

CVE-2024-23908 was published Aug 14, 2024

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed

CVE-2024-41685 was published Jul 26, 2024

snapd failed to restrict writes to the $HOME/bin path Moderate

CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024

The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag... Moderate Unreviewed

CVE-2024-6739 was published Jul 15, 2024

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed

CVE-2024-20456 was published Jul 10, 2024

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed

CVE-2024-39875 was published Jul 9, 2024

The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network... Moderate Unreviewed

CVE-2024-37087 was published Jun 25, 2024

Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow... Moderate Unreviewed

CVE-2024-21835 was published May 16, 2024

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

447 advisories