Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,111
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+

552 advisories

Loading
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total... High Unreviewed
CVE-2024-48292 was published Nov 18, 2024
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to... High Unreviewed
CVE-2017-13312 was published Nov 16, 2024
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are... High Unreviewed
CVE-2024-52867 was published Nov 17, 2024
In the read() function of ProcessStats.java, there is a possible read/write serialization issue... High Unreviewed
CVE-2017-13311 was published Nov 16, 2024
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading... High Unreviewed
CVE-2017-13310 was published Nov 16, 2024
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Kubernetes sets incorrect permissions on Windows containers logs High
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
Incorrect Default Permissions in Apache DolphinScheduler High
CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler-api (Maven) Feb 9, 2022
Django allows unintended model editing High
CVE-2019-19118 was published for Django (pip) Dec 4, 2019
sunSUNQ
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin High
CVE-2024-52551 was published for org.jenkinsci.plugins:pipeline-model-parent (Maven) Nov 13, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display... High Unreviewed
CVE-2024-40660 was published Nov 13, 2024
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents... High Unreviewed
CVE-2024-43085 was published Nov 13, 2024
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier... High Unreviewed
CVE-2024-43081 was published Nov 13, 2024
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations... High Unreviewed
CVE-2024-21820 was published Nov 13, 2024
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. High Unreviewed
CVE-2024-49504 was published Nov 13, 2024
Incorrect default permissions in the AMD Provisioning Console installation directory could allow... High Unreviewed
CVE-2024-21958 was published Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory... High Unreviewed
CVE-2024-21945 was published Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could... High Unreviewed
CVE-2024-21946 was published Nov 12, 2024
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation... High Unreviewed
CVE-2024-21939 was published Nov 12, 2024
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center... High Unreviewed
CVE-2024-21938 was published Nov 12, 2024
Incorrect default permissions in the AMD Management Console installation directory could allow an... High Unreviewed
CVE-2024-21957 was published Nov 12, 2024
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker... High Unreviewed
CVE-2024-21937 was published Nov 12, 2024
An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic... High Unreviewed
CVE-2020-11921 was published Nov 7, 2024
The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any... High Unreviewed
CVE-2024-36063 was published Nov 8, 2024
An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the... High Unreviewed
CVE-2019-20458 was published Nov 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database