GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
369 advisories
Filter by severity
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and...
Moderate
Unreviewed
CVE-2024-29964
was published
Apr 19, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before...
Moderate
Unreviewed
CVE-2024-25561
was published
Aug 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before...
Moderate
Unreviewed
CVE-2024-23908
was published
Aug 14, 2024
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local...
Moderate
Unreviewed
CVE-2023-49582
was published
Aug 26, 2024
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,...
Moderate
Unreviewed
CVE-2022-43915
was published
Aug 24, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat...
Moderate
Unreviewed
CVE-2024-7986
was published
Aug 23, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-5915
was published
Aug 14, 2024
Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software...
Moderate
Unreviewed
CVE-2022-41700
was published
Nov 14, 2023
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
Moderate
Unreviewed
CVE-2024-39875
was published
Jul 9, 2024
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and...
Moderate
Unreviewed
CVE-2021-3557
was published
Feb 17, 2022
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for...
Moderate
Unreviewed
CVE-2024-41685
was published
Jul 26, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows...
Moderate
Unreviewed
CVE-2024-28589
was published
Apr 3, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local...
Moderate
Unreviewed
CVE-2024-20456
was published
Jul 10, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security...
Moderate
Unreviewed
CVE-2024-24912
was published
May 1, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-21305
was published
Jan 9, 2024
A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The...
Moderate
Unreviewed
CVE-2023-38640
was published
Oct 10, 2023
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma...
Moderate
Unreviewed
CVE-2023-42861
was published
Oct 25, 2023
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow...
Moderate
Unreviewed
CVE-2024-21835
was published
May 16, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products
Moderate
Unreviewed
CVE-2024-27108
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-30208
was published
May 14, 2024
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
Moderate
Unreviewed
CVE-2022-48257
was published
Jan 13, 2023
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3...
Moderate
Unreviewed
CVE-2024-22334
was published
Apr 12, 2024
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate
Unreviewed
CVE-2023-4228
was published
Aug 24, 2023
Vulnerability of improper permission management in the displayengine module. Successful...
Moderate
Unreviewed
CVE-2023-41295
was published
Sep 25, 2023
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows...
Moderate
Unreviewed
CVE-2023-34797
was published
Jun 15, 2023
ProTip!
Advisories are also available from the
GraphQL API