Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,118 advisories

IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed
CVE-2022-43915 was published Aug 24, 2024
Froxlor: /etc/pure-ftpd/db/mysql.conf is chmod 644 but contains <SQL_UNPRIVILEGED_PASSWORD> High
GHSA-34qg-65m4-f23m was published for froxlor/froxlor (Composer) Aug 23, 2024
hardfalcon
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat... Moderate Unreviewed
CVE-2024-7986 was published Aug 23, 2024
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2024-5930 was published Aug 21, 2024
Improper permission control in the mobile application (com.android.server.telecom) may lead to... Unknown Unreviewed
CVE-2024-6780 was published Jul 16, 2024
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed
CVE-2024-5163 was published Jun 17, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed
CVE-2024-5915 was published Aug 14, 2024
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate... High Unreviewed
CVE-2024-36821 was published Jun 11, 2024
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software... Moderate Unreviewed
CVE-2022-41700 was published Nov 14, 2023
CVE-2024-7513 IMPACT A code execution vulnerability exists in the affected product. The... High Unreviewed
CVE-2024-7513 was published Aug 14, 2024
In Ocean Data Systems Dream Report, an incorrect permission vulnerability could allow a local... High Unreviewed
CVE-2024-6619 was published Aug 13, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could... Low Unreviewed
CVE-2022-33167 was published Jul 30, 2024
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain... High Unreviewed
CVE-2024-43199 was published Aug 7, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and... Moderate Unreviewed
CVE-2021-3557 was published Feb 17, 2022
Kubean vulnerable to cluster-level privilege escalation Moderate
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources High
CVE-2021-25318 was published for github.com/rancher/rancher (Go) Apr 24, 2024
Grafana information disclosure Moderate
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana world readable configuration files Moderate
CVE-2020-12459 was published for github.com/grafana/grafana (Go) May 24, 2022
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed
CVE-2024-41685 was published Jul 26, 2024
A privilege escalation vulnerability exists in the affected products which could allow a... High Unreviewed
CVE-2024-6435 was published Jul 16, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows... Moderate Unreviewed
CVE-2024-28589 was published Apr 3, 2024
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP... High Unreviewed
CVE-2024-31202 was published Jul 31, 2024
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing... High Unreviewed
CVE-2019-15752 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API