GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
369 advisories
Filter by severity
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local...
Moderate
Unreviewed
CVE-2023-49582
was published
Aug 26, 2024
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,...
Moderate
Unreviewed
CVE-2022-43915
was published
Aug 24, 2024
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat...
Moderate
Unreviewed
CVE-2024-7986
was published
Aug 23, 2024
A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate
Unreviewed
CVE-2024-5915
was published
Aug 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before...
Moderate
Unreviewed
CVE-2024-25561
was published
Aug 14, 2024
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before...
Moderate
Unreviewed
CVE-2024-23908
was published
Aug 14, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for...
Moderate
Unreviewed
CVE-2024-41685
was published
Jul 26, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local...
Moderate
Unreviewed
CVE-2024-20456
was published
Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
Moderate
Unreviewed
CVE-2024-39875
was published
Jul 9, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow...
Moderate
Unreviewed
CVE-2024-21835
was published
May 16, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products
Moderate
Unreviewed
CVE-2024-27108
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-30208
was published
May 14, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security...
Moderate
Unreviewed
CVE-2024-24912
was published
May 1, 2024
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and...
Moderate
Unreviewed
CVE-2024-29964
was published
Apr 19, 2024
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3...
Moderate
Unreviewed
CVE-2024-22334
was published
Apr 12, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows...
Moderate
Unreviewed
CVE-2024-28589
was published
Apr 3, 2024
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions...
Moderate
Unreviewed
CVE-2024-25956
was published
Mar 26, 2024
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some...
Moderate
Unreviewed
CVE-2023-38541
was published
Jan 19, 2024
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2023-6506
was published
Jan 11, 2024
The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due...
Moderate
Unreviewed
CVE-2023-6883
was published
Jan 11, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-21305
was published
Jan 9, 2024
There is a local privilege escalation vulnerability of ZTE's ZXCLOUD iRAI.Attackers with regular...
Moderate
Unreviewed
CVE-2023-41776
was published
Jan 3, 2024
A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing...
Moderate
Unreviewed
CVE-2023-7055
was published
Dec 22, 2023
There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak...
Moderate
Unreviewed
CVE-2023-25648
was published
Dec 14, 2023
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS...
Moderate
Unreviewed
CVE-2023-42924
was published
Dec 12, 2023
ProTip!
Advisories are also available from the
GraphQL API