GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
907 advisories
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows...
Moderate | Unreviewed | CVE-2024-34617 was published Aug 7, 2024
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1...
Moderate | Unreviewed | CVE-2024-34616 was published Aug 7, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory...
High | Unreviewed | CVE-2024-43114 was published Aug 6, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which...
Critical | Unreviewed | CVE-2024-7525 was published Aug 6, 2024
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on...
High | Unreviewed | CVE-2024-6974 was published Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with...
High | Unreviewed | CVE-2024-42053 was published Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and...
High | Unreviewed | CVE-2024-36541 was published Jul 24, 2024
An incorrect permission in the installation directory for the shared NI SystemLink Server...
Moderate | Unreviewed | CVE-2024-6122 was published Jul 22, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported...
Low | Unreviewed | CVE-2024-21123 was published Jul 17, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www...
Moderate | Unreviewed | CVE-2024-6325 was published Jul 16, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low | Unreviewed | CVE-2024-6326 was published Jul 16, 2024
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient...
High | Unreviewed | CVE-2024-32861 was published Jul 16, 2024
Denial of service vulnerability present shortly after product installation or upgrade,...
Moderate | Unreviewed | CVE-2024-3779 was published Jul 16, 2024
In multiple locations, there is a possible information leak due to a missing permission check....
Moderate | Unreviewed | CVE-2024-31312 was published Jul 9, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on...
High | Unreviewed | CVE-2024-3904 was published Jul 4, 2024
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops...
Moderate | Unreviewed | CVE-2024-2819 was published Jul 2, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,...
High | Unreviewed | CVE-2024-4679 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
Moderate | Unreviewed | CVE-2024-35139 was published Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could...
High | Unreviewed | CVE-2023-38370 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information...
Moderate | Unreviewed | CVE-2023-38368 was published Jun 27, 2024
pgAdmin <= 8.8 has an installation Directory permission issue. Because of this issue, attackers...
High | Unreviewed | CVE-2024-6238 was published Jun 25, 2024
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows...
Moderate | Unreviewed | CVE-2024-22385 was published Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an...
High | Unreviewed | CVE-2024-36495 was published Jun 24, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2024-34012 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several...
High | Unreviewed | CVE-2024-27167 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.