GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,190
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,702
NuGet
656
pip
3,326
Pub
11
RubyGems
883
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
572 advisories
Filter by severity
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected...
High
Unreviewed
CVE-2024-47808
was published
Nov 12, 2024
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application...
High
Unreviewed
CVE-2024-47783
was published
Nov 12, 2024
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization...
High
Unreviewed
CVE-2024-45164
was published
Nov 4, 2024
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager that allows a user of...
High
Unreviewed
CVE-2024-0128
was published
Oct 26, 2024
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may...
High
Unreviewed
CVE-2023-33870
was published
Oct 25, 2024
Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users...
High
Unreviewed
CVE-2023-6729
was published
Oct 17, 2024
Insecure permissions in the packaging of tomcat allow local users that win a race during package...
High
Unreviewed
CVE-2024-22029
was published
Oct 16, 2024
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226...
High
Unreviewed
CVE-2024-44729
was published
Oct 11, 2024
Insecure permissions in Ivanti EPMM before 12.1.0.4 allow a local authenticated attacker to...
High
Unreviewed
CVE-2024-7612
was published
Oct 8, 2024
Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default
High
CVE-2024-7594
was published
for
github.com/hashicorp/vault
(Go)
Sep 26, 2024
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain...
High
Unreviewed
CVE-2024-8900
was published
Sep 17, 2024
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain...
High
Unreviewed
CVE-2024-38456
was published
Sep 3, 2024
Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>
High
GHSA-34qg-65m4-f23m
was published
for
froxlor/froxlor
(Composer)
Aug 23, 2024
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High
Unreviewed
CVE-2024-5930
was published
Aug 21, 2024
CVE-2024-7513 IMPACT
A code execution vulnerability exists in the affected product. The...
High
Unreviewed
CVE-2024-7513
was published
Aug 14, 2024
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local...
High
Unreviewed
CVE-2024-6619
was published
Aug 13, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain...
High
Unreviewed
CVE-2024-43199
was published
Aug 7, 2024
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware...
High
Unreviewed
CVE-2024-41720
was published
Aug 5, 2024
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP...
High
Unreviewed
CVE-2024-31202
was published
Jul 31, 2024
A privilege escalation vulnerability exists in the affected products which could allow a...
High
Unreviewed
CVE-2024-6435
was published
Jul 16, 2024
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2...
High
Unreviewed
CVE-2024-28827
was published
Jul 10, 2024
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate...
High
Unreviewed
CVE-2024-36821
was published
Jun 11, 2024
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all...
High
Unreviewed
CVE-2024-3668
was published
Jun 8, 2024
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2024-30369
was published
Jun 6, 2024
ProTip!
Advisories are also available from the
GraphQL API