GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
818 advisories
Filter by severity
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to...
Unknown
Unreviewed
CVE-2024-46544
was published
Sep 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
selinux,smack: don't bypass...
Moderate
Unreviewed
CVE-2024-46695
was published
Sep 13, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-38222
was published
Sep 12, 2024
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7...
Moderate
Unreviewed
CVE-2024-34661
was published
Sep 4, 2024
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1...
Moderate
Unreviewed
CVE-2024-34648
was published
Sep 4, 2024
Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2024-34018
was published
Aug 29, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise...
Critical
Unreviewed
CVE-2024-44760
was published
Aug 28, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo...
High
Unreviewed
CVE-2024-4763
was published
Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and...
High
Unreviewed
CVE-2024-2175
was published
Aug 16, 2024
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow...
Moderate
Unreviewed
CVE-2024-26025
was published
Aug 14, 2024
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an...
Moderate
Unreviewed
CVE-2024-27461
was published
Aug 14, 2024
Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software...
Moderate
Unreviewed
CVE-2024-22378
was published
Aug 14, 2024
Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated...
Moderate
Unreviewed
CVE-2024-23974
was published
Aug 14, 2024
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024...
Moderate
Unreviewed
CVE-2024-23495
was published
Aug 14, 2024
Incorrect default permissions for some Intel(R) Connectivity Performance Suite software...
Moderate
Unreviewed
CVE-2023-43747
was published
Aug 14, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to...
High
Unreviewed
CVE-2023-31349
was published
Aug 13, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High
Unreviewed
CVE-2024-42062
was published
Aug 7, 2024
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows...
Moderate
Unreviewed
CVE-2024-34617
was published
Aug 7, 2024
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1...
Moderate
Unreviewed
CVE-2024-34616
was published
Aug 7, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory...
High
Unreviewed
CVE-2024-43114
was published
Aug 6, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which...
Critical
Unreviewed
CVE-2024-7525
was published
Aug 6, 2024
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on...
High
Unreviewed
CVE-2024-6974
was published
Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42053
was published
Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and...
High
Unreviewed
CVE-2024-36541
was published
Jul 24, 2024
ProTip!
Advisories are also available from the
GraphQL API