Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

560 advisories

Loading
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2... High Unreviewed
CVE-2024-28827 was published Jul 10, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application... High Unreviewed
CVE-2022-30527 was published Oct 10, 2023
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security... High Unreviewed
CVE-2024-24910 was published Apr 18, 2024
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege... High Unreviewed
CVE-2022-22960 was published Apr 14, 2022
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21431 was published Mar 12, 2024
A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The... High Unreviewed
CVE-2023-45205 was published Oct 10, 2023
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-30369 was published Jun 6, 2024
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering... High Unreviewed
CVE-2023-5936 was published May 15, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices High Unreviewed
CVE-2024-1486 was published May 14, 2024
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU... High Unreviewed
CVE-2022-21819 was published Mar 12, 2022
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2023-51579 was published May 3, 2024
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-40516 was published May 3, 2024
Froxlor Incorrect Access Control High
CVE-2018-12642 was published for froxlor/froxlor (Composer) May 13, 2022
Jerome Gamez Firebase Admin SDK for PHP Incorrect Access Control vulnerability High
CVE-2018-1000025 was published for kreait/firebase-php (Composer) May 13, 2022
LightSAML Incorrect Access Control vulnerability High
CVE-2018-1000165 was published for lightsaml/lightsaml (Composer) May 13, 2022
SaltStack Salt Permissions Bypass High
CVE-2022-22941 was published for salt (pip) Mar 30, 2022
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART... High Unreviewed
CVE-2018-20007 was published May 24, 2022
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for... High Unreviewed
CVE-2020-36154 was published May 24, 2022
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows... High Unreviewed
CVE-2019-14935 was published May 24, 2022
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect... High Unreviewed
CVE-2023-46449 was published Oct 26, 2023
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To... High Unreviewed
CVE-2023-40361 was published Oct 20, 2023
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities... High Unreviewed
CVE-2023-32724 was published Oct 12, 2023
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi... High Unreviewed
CVE-2023-20254 was published Sep 27, 2023
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows... High Unreviewed
CVE-2023-4665 was published Sep 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database