Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

215 advisories

Loading
When installing Nessus Agent to a directory outside of the default location on a Windows host,... High Unreviewed
CVE-2024-3291 was published May 17, 2024
When installing Nessus to a directory outside of the default location on a Windows host, Nessus... High Unreviewed
CVE-2024-3289 was published May 17, 2024
Grafana folders admin only permission privilege escalation High
CVE-2022-36062 was published for github.com/grafana/grafana (Go) May 14, 2024
Broken Access Control vulnerability in ReviewX.This issue affects ReviewX: from n/a through 1.6... Moderate Unreviewed
CVE-2024-33921 was published May 3, 2024
Quarkus: security checks in resteasy reactive may trigger a denial of service Moderate
CVE-2024-1726 was published for io.quarkus.resteasy.reactive:resteasy-reactive (Maven) Apr 25, 2024
Authelia's Group Changes may not have the expected results (YAML file backend) Low
GHSA-x883-2vmg-xwf7 was published for github.com/authelia/authelia/v4 (Go) Apr 22, 2024
ezrizhu
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when... Moderate Unreviewed
CVE-2024-23560 was published Apr 15, 2024
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop... Moderate Unreviewed
CVE-2024-3545 was published Apr 9, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get... Low Unreviewed
CVE-2024-22177 was published Apr 2, 2024
Apache Airflow Improper Preservation of Permissions vulnerability Moderate
CVE-2024-29735 was published for apache-airflow (pip) Mar 26, 2024
Anope before 2.0.15 does not prevent resetting the password of a suspended account. Moderate Unreviewed
CVE-2024-30187 was published Mar 25, 2024
Apache Airflow: Ignored Airflow Permission Moderate
CVE-2024-28746 was published for apache-airflow (pip) Mar 14, 2024
oscerd
Jenkins Bitbucket Branch Source Plugin has incorrect trust policy behavior for pull requests Moderate
CVE-2024-28152 was published for org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (Maven) Mar 6, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2024-21816 was published Mar 4, 2024
An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL... Moderate Unreviewed
CVE-2023-49932 was published Feb 29, 2024
Missing permission checks on Hazelcast client protocol High
CVE-2023-45859 was published for com.hazelcast:hazelcast (Maven) Feb 27, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
Improper Preservation of Permissions in etcd Moderate
CVE-2020-15113 was published for github.com/etcd-io/etcd (Go) Jan 30, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
Insufficient macro permission validation of The Document Foundation LibreOffice allows an... High Unreviewed
CVE-2023-6186 was published Dec 11, 2023
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote... Critical Unreviewed
CVE-2023-47463 was published Nov 30, 2023
Improperly calculated effective permissions in M-Files Server versions 23.9 and 23.10 and 23.11... Moderate Unreviewed
CVE-2023-6239 was published Nov 28, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write... High Unreviewed
CVE-2023-43612 was published Nov 20, 2023
Netskope was made aware of a security vulnerability in its NSClient product for version 100 &... Moderate Unreviewed
CVE-2023-4996 was published Nov 6, 2023
SaToken privilege escalation vulnerability Critical
CVE-2023-44794 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database