Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+

552 advisories

Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD> High
GHSA-34qg-65m4-f23m was published for froxlor/froxlor (Composer) Aug 23, 2024
hardfalcon
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-5930 was published Aug 21, 2024
CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The... High Unreviewed
CVE-2024-7513 was published Aug 14, 2024
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local... High Unreviewed
CVE-2024-6619 was published Aug 13, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain... High Unreviewed
CVE-2024-43199 was published Aug 7, 2024
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP... High Unreviewed
CVE-2024-31202 was published Jul 31, 2024
A privilege escalation vulnerability exists in the affected products which could allow a... High Unreviewed
CVE-2024-6435 was published Jul 16, 2024
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2... High Unreviewed
CVE-2024-28827 was published Jul 10, 2024
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate... High Unreviewed
CVE-2024-36821 was published Jun 11, 2024
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2024-3668 was published Jun 8, 2024
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-30369 was published Jun 6, 2024
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering... High Unreviewed
CVE-2023-5936 was published May 15, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices High Unreviewed
CVE-2024-1486 was published May 14, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2023-51579 was published May 3, 2024
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-40516 was published May 3, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources High
CVE-2021-25318 was published for github.com/rancher/rancher (Go) Apr 24, 2024
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security... High Unreviewed
CVE-2024-24910 was published Apr 18, 2024
WiX based installers are vulnerable to binary hijack when run as SYSTEM High
CVE-2024-29187 was published for WixToolset.Sdk (NuGet) Mar 25, 2024
KNaceri rohitmothe
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21431 was published Mar 12, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... High Unreviewed
CVE-2023-47564 was published Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation... High Unreviewed
CVE-2020-24681 was published Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write... High Unreviewed
CVE-2024-22016 was published Feb 2, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
ProTip! Advisories are also available from the GraphQL API