GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,163
Composer 4,339
Erlang 31
GitHub Actions 22
Go 2,098
Maven 5,270
npm 3,762
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 883
Swift 37

Unreviewed advisories

All unreviewed 242,834

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

261 advisories

Filter by severity

Sort by

Least recently updated

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... Moderate Unreviewed

CVE-2024-50928 was published Dec 10, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41649 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41646 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41645 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... High Unreviewed

CVE-2024-41650 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed

CVE-2024-41644 was published Dec 7, 2024

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... High Unreviewed

CVE-2024-41648 was published Dec 7, 2024

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... Moderate Unreviewed

CVE-2024-50929 was published Dec 10, 2024

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... High Unreviewed

CVE-2024-50920 was published Dec 10, 2024

The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed... High Unreviewed

CVE-2024-37575 was published Dec 4, 2024

Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions. Moderate Unreviewed

CVE-2024-50931 was published Dec 10, 2024

A permissions issue was addressed by removing vulnerable code and adding additional checks. This... High Unreviewed

CVE-2024-27888 was published Jul 30, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10... High Unreviewed

CVE-2024-40805 was published Jul 30, 2024

Vulnerability of permission verification in the content sharing pop-up module.Successful... High Unreviewed

CVE-2023-52373 was published Feb 18, 2024

Permission verification vulnerability in the system module. Impact: Successful exploitation of... Moderate Unreviewed

CVE-2023-52542 was published Apr 8, 2024

runc AppArmor bypass with symlinked /proc Moderate

CVE-2023-28642 was published for github.com/opencontainers/runc (Go) Mar 30, 2023

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2023-32388 was published Jun 23, 2023

This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5,... Moderate Unreviewed

CVE-2023-32400 was published Jun 23, 2023

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura... Moderate Unreviewed

CVE-2023-32355 was published Jun 23, 2023

Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM... High Unreviewed

CVE-2023-34672 was published Jun 23, 2023

An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could... Moderate Unreviewed

CVE-2023-32552 was published Jun 27, 2023

Missing permission checks on Hazelcast client protocol High

CVE-2023-45859 was published for com.hazelcast:hazelcast (Maven) Feb 27, 2024

Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion Moderate

CVE-2024-43784 was published for github.com/treeverse/lakefs (Go) Nov 26, 2024

Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata Moderate

CVE-2024-52522 was published for github.com/rclone/rclone (Go) Nov 19, 2024

vantage6 vulnerable to Improper Preservation of Permissions High

CVE-2023-22738 was published for vantage6 (pip) Feb 28, 2023

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

261 advisories