GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,523

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,100 advisories

Filter by severity

Sort by

Least recently updated

In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user... High Unreviewed

CVE-2024-46464 was published Jan 10, 2025

Vaultwarden vulnerable to user impersonation High

CVE-2024-55225 was published for vaultwarden (Rust) Jan 9, 2025

IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as... Moderate Unreviewed

CVE-2024-43176 was published Jan 9, 2025

pgAdmin has Incorrect Default Permissions High

CVE-2023-1907 was published for pgadmin4 (pip) Jan 9, 2025

An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be... Critical Unreviewed

CVE-2022-41572 was published Jan 7, 2025

Incorrect default permissions in some Intel(R) Chipset Driver Software before version 10.1.19444... High Unreviewed

CVE-2023-28739 was published Jan 7, 2025

An issue was discovered in Inspur ClusterEngine v4.0 that allows attackers to gain escalated... High Unreviewed

CVE-2021-27285 was published Jan 7, 2025

In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused... High Unreviewed

CVE-2024-53841 was published Jan 3, 2025

there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed

CVE-2024-53840 was published Jan 3, 2025

there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to... High Unreviewed

CVE-2024-11624 was published Jan 3, 2025

there is a possible biometric bypass due to an unusual root cause. This could lead to local... High Unreviewed

CVE-2024-53835 was published Jan 3, 2025

In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could... High Unreviewed

CVE-2024-43769 was published Jan 3, 2025

Some Huawei wearables have a permission management vulnerability. High Unreviewed

CVE-2021-37000 was published Dec 28, 2024

Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A... High Unreviewed

CVE-2024-12903 was published Dec 23, 2024

PVH guests have their ACPI tables constructed by the toolstack. The construction involves... Moderate Unreviewed

CVE-2024-45819 was published Dec 19, 2024

Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00... High Unreviewed

CVE-2024-4229 was published Dec 19, 2024

Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned... High Unreviewed

CVE-2024-49202 was published Dec 18, 2024

CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and... High Unreviewed

CVE-2024-38499 was published Dec 17, 2024

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed

CVE-2024-55956 was published Dec 13, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed

CVE-2024-44224 was published Dec 12, 2024

Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2024-11872 was published Dec 12, 2024

Under specific circumstances, insecure permissions in Ivanti Application Control before version... High Unreviewed

CVE-2024-11598 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Performance Manager before version... High Unreviewed

CVE-2024-11597 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Security Controls before version... High Unreviewed

CVE-2024-10251 was published Dec 11, 2024

Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1... High Unreviewed

CVE-2024-9845 was published Dec 11, 2024

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,100 advisories