GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
560 advisories
Mercurial has Incorrect Permission Assignment for Critical Resource
High, CVE-2017-9462 was published for mercurial (pip), Jul 13, 2018

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High, Unreviewed, CVE-2024-25646 was published Apr 9, 2024

SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,...
High, Unreviewed, CVE-2023-49580 was published Dec 12, 2023

SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing...
High, Unreviewed, CVE-2023-33990 was published Jul 11, 2023

When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions...
High, Unreviewed, CVE-2023-35870 was published Jul 11, 2023

Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability
High, CVE-2023-5077 was published for github.com/hashicorp/vault (Go), Sep 29, 2023

Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default
High, CVE-2024-7594 was published for github.com/hashicorp/vault (Go), Sep 26, 2024

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated...
High, Unreviewed, CVE-2023-47712 was published May 14, 2024

External Secrets Operator vulnerable to privilege escalation
High, CVE-2024-45041 was published for github.com/external-secrets/external-secrets (Go), Sep 9, 2024

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
High, Unreviewed, CVE-2022-22521 was published Apr 28, 2022

Podman Elevated Container Privileges
High, CVE-2018-10856 was published for github.com/containers/podman (Go), May 13, 2022

HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain...
High, Unreviewed, CVE-2024-38456 was published Sep 3, 2024

Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware...
High, Unreviewed, CVE-2024-41720 was published Aug 5, 2024

Vulnerability of permissions being not strictly verified in the WMS module. Successful...
High, Unreviewed, CVE-2023-52107 was published Jan 16, 2024

Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD>
High, GHSA-34qg-65m4-f23m was published for froxlor/froxlor (Composer), Aug 23, 2024

VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability....
High, Unreviewed, CVE-2024-5930 was published Aug 21, 2024

Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate...
High, Unreviewed, CVE-2024-36821 was published Jun 11, 2024

CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The...
High, Unreviewed, CVE-2024-7513 was published Aug 14, 2024

In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local...
High, Unreviewed, CVE-2024-6619 was published Aug 13, 2024

Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain...
High, Unreviewed, CVE-2024-43199 was published Aug 7, 2024

Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources
High, CVE-2021-25318 was published for github.com/rancher/rancher (Go), Apr 24, 2024

A privilege escalation vulnerability exists in the affected products which could allow a...
High, Unreviewed, CVE-2024-6435 was published Jul 16, 2024

A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP...
High, Unreviewed, CVE-2024-31202 was published Jul 31, 2024

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing...
High, Unreviewed, CVE-2019-15752 was published May 24, 2022

The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all...
High, Unreviewed, CVE-2024-3668 was published Jun 8, 2024