Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,195 advisories

Loading
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2... Moderate Unreviewed
CVE-2024-38864 was published Dec 19, 2024
In multiple files, there is a possible way to access traces in the dev mode due to a permissions... Moderate Unreviewed
CVE-2023-21142 was published Jun 15, 2023
PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions. Critical Unreviewed
CVE-2023-34852 was published Jun 15, 2023
SurrealDB has Silent Failure to Overwrite Table Definition of Relation Type Low
GHSA-27vq-hv74-7cqp was published for surrealdb (Rust) Dec 16, 2024
AlbertMarashi
An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element... Moderate Unreviewed
CVE-2020-15595 was published May 24, 2022
IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical... Moderate Unreviewed
CVE-2024-47104 was published Dec 18, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open... Moderate Unreviewed
CVE-2024-12564 was published Dec 12, 2024
The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-12255 was published Dec 12, 2024
The GriceMobile com.grice.call application 4.5.2 for Android enables any installed application ... High Unreviewed
CVE-2024-37574 was published Dec 4, 2024
Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24... High Unreviewed
CVE-2024-12363 was published Dec 11, 2024
Insufficient permissions in Ivanti DSM before version 2024.3.5740 allows a local authenticated... High Unreviewed
CVE-2024-7572 was published Dec 10, 2024
Insecure permissions in Ivanti Sentry before versions 9.20.2 and 10.0.2 or 10.1.0 allow a local... High Unreviewed
CVE-2024-8540 was published Dec 10, 2024
Insufficient permissions in Ivanti Patch SDK before version 9.7.703 allows a local authenticated... High Unreviewed
CVE-2024-10256 was published Dec 10, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed
CVE-2024-41647 was published Dec 7, 2024
In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices... Moderate Unreviewed
CVE-2024-8256 was published Dec 10, 2024
Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0... Moderate Unreviewed
CVE-2024-12151 was published Dec 4, 2024
Incorrect permission assignment in temporary access requests component in Devolutions Remote... High Unreviewed
CVE-2024-12149 was published Dec 4, 2024
Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8... Moderate Unreviewed
CVE-2024-45841 was published Dec 5, 2024
Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle... Moderate Unreviewed
CVE-2024-21063 was published Apr 17, 2024
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp... Moderate Unreviewed
CVE-2024-54159 was published Nov 30, 2024
Spring Security's spring-security.xsd file is world writable Moderate
CVE-2023-34042 was published for org.springframework.security:spring-security-config (Maven) Feb 6, 2024
This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of... Moderate Unreviewed
CVE-2024-21703 was published Nov 27, 2024
A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed
CVE-2020-3312 was published May 24, 2022
Affected devices create coredump files when crashed, storing them with world-readable permission.... Moderate Unreviewed
CVE-2024-28955 was published Nov 26, 2024
RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS... Low Unreviewed
CVE-2024-44575 was published Sep 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database