GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
816 advisories
Filter by severity
In the Linux kernel, the following vulnerability has been resolved:
selinux,smack: don't bypass...
Moderate
Unreviewed
CVE-2024-46695
was published
Sep 13, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious...
Critical
Unreviewed
CVE-2020-14521
was published
Feb 12, 2022
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-38222
was published
Sep 12, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www...
Moderate
Unreviewed
CVE-2024-6325
was published
Jul 16, 2024
NNM failed to properly set ACLs on its installation directory, which could allow a low...
High
Unreviewed
CVE-2023-5623
was published
Oct 26, 2023
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7...
Moderate
Unreviewed
CVE-2024-34661
was published
Sep 4, 2024
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1...
Moderate
Unreviewed
CVE-2024-34648
was published
Sep 4, 2024
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers...
High
Unreviewed
CVE-2023-43984
was published
Nov 8, 2023
The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution...
High
Unreviewed
CVE-2023-50975
was published
Feb 21, 2024
Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2024-34018
was published
Aug 29, 2024
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is...
Moderate
Unreviewed
CVE-2023-6302
was published
Nov 27, 2023
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise...
Critical
Unreviewed
CVE-2024-44760
was published
Aug 28, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue...
Critical
Unreviewed
CVE-2024-3375
was published
Apr 29, 2024
Vulnerability of undefined permissions in the Calendar app.
Impact: Successful exploitation of...
High
Unreviewed
CVE-2023-52545
was published
Apr 8, 2024
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions...
High
Unreviewed
CVE-2023-7235
was published
Feb 21, 2024
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to...
High
Unreviewed
CVE-2024-34474
was published
May 5, 2024
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic...
High
Unreviewed
CVE-2023-46870
was published
May 14, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High
Unreviewed
CVE-2024-42062
was published
Aug 7, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo...
High
Unreviewed
CVE-2024-4763
was published
Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and...
High
Unreviewed
CVE-2024-2175
was published
Aug 16, 2024
Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software...
Moderate
Unreviewed
CVE-2024-22378
was published
Aug 14, 2024
Incorrect default permissions for some Intel(R) Connectivity Performance Suite software...
Moderate
Unreviewed
CVE-2023-43747
was published
Aug 14, 2024
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an...
Moderate
Unreviewed
CVE-2024-27461
was published
Aug 14, 2024
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow...
Moderate
Unreviewed
CVE-2024-26025
was published
Aug 14, 2024
ProTip!
Advisories are also available from the
GraphQL API