Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

986 advisories

Loading
Improper Handling of Insufficient Permissions in KnoxMiscPolicy prior to SMR Sep-2024 Release 1... Moderate Unreviewed
CVE-2024-34648 was published Sep 4, 2024
Improper handling of insufficient permissions in Samsung Assistant prior to version 9.1.00.7... Moderate Unreviewed
CVE-2024-34661 was published Sep 4, 2024
Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34018 was published Aug 29, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise... Critical Unreviewed
CVE-2024-44760 was published Aug 28, 2024
ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate attacker to read kernel... High Unreviewed
CVE-2023-45896 was published Aug 28, 2024
request_store has Incorrect Default Permissions Moderate
CVE-2024-43791 was published for request_store (RubyGems) Aug 23, 2024
G-Rath
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo... High Unreviewed
CVE-2024-4763 was published Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and... High Unreviewed
CVE-2024-2175 was published Aug 16, 2024
Improper Preservation of Permissions in xxl-job High
CVE-2024-42681 was published for com.xuxueli:xxl-job-core (Maven) Aug 15, 2024
Incorrect default permissions for some Intel(R) Advisor software before version 2024.1 may allow... Moderate Unreviewed
CVE-2024-26025 was published Aug 14, 2024
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an... Moderate Unreviewed
CVE-2024-27461 was published Aug 14, 2024
Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated... Moderate Unreviewed
CVE-2024-23974 was published Aug 14, 2024
Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software... Moderate Unreviewed
CVE-2024-22378 was published Aug 14, 2024
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024... Moderate Unreviewed
CVE-2024-23495 was published Aug 14, 2024
Incorrect default permissions for some Intel(R) Connectivity Performance Suite software... Moderate Unreviewed
CVE-2023-43747 was published Aug 14, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to... High Unreviewed
CVE-2023-31349 was published Aug 13, 2024
CloudStack account-users by default use username and password based authentication for API and UI... High Unreviewed
CVE-2024-42062 was published Aug 7, 2024
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows... Moderate Unreviewed
CVE-2024-34617 was published Aug 7, 2024
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1... Moderate Unreviewed
CVE-2024-34616 was published Aug 7, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed
CVE-2024-7525 was published Aug 6, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory... High Unreviewed
CVE-2024-43114 was published Aug 6, 2024
Kubean vulnerable to cluster-level privilege escalation Moderate
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on... High Unreviewed
CVE-2024-6974 was published Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with... High Unreviewed
CVE-2024-42053 was published Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and... High Unreviewed
CVE-2024-36541 was published Jul 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database