Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

263 advisories

Loading
A non-admin user can change or remove important features within the Zabbix Agent application,... Moderate Unreviewed
CVE-2024-22121 was published Aug 12, 2024
User with no permission to any of the Hosts can access and view host count & other statistics... Moderate Unreviewed
CVE-2024-22114 was published Aug 12, 2024
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin... High Unreviewed
CVE-2024-23464 was published Aug 6, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10... High Unreviewed
CVE-2024-40805 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS... High Unreviewed
CVE-2024-40828 was published Jul 30, 2024
This issue was addressed through improved state management. This issue is fixed in watchOS 10.6,... High Unreviewed
CVE-2024-40824 was published Jul 30, 2024
An input validation issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2024-40800 was published Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app... High Unreviewed
CVE-2024-40811 was published Jul 30, 2024
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2024-40821 was published Jul 30, 2024
A permissions issue was addressed by removing vulnerable code and adding additional checks. This... High Unreviewed
CVE-2024-27888 was published Jul 30, 2024
Potential vulnerabilities have been identified in the HP Display Control software component... Moderate Unreviewed
CVE-2024-29080 was published Jul 19, 2024
Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate... Critical Unreviewed
CVE-2024-36532 was published Jun 22, 2024
SpiceDB exclusions can result in no permission returned when permission expected Moderate
CVE-2024-38361 was published for github.com/authzed/spicedb (Go) Jun 20, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force... High Unreviewed
CVE-2023-25646 was published Jun 20, 2024
`docker cp` allows unexpected chmod of host files in Moby Docker Engine Low
CVE-2021-41089 was published for github.com/docker/docker (Go) Jun 10, 2024
LevanaXr ssst0n3
When installing Nessus Agent to a directory outside of the default location on a Windows host,... High Unreviewed
CVE-2024-3291 was published May 17, 2024
When installing Nessus to a directory outside of the default location on a Windows host, Nessus... High Unreviewed
CVE-2024-3289 was published May 17, 2024
Grafana folders admin only permission privilege escalation High
CVE-2022-36062 was published for github.com/grafana/grafana (Go) May 14, 2024
Broken Access Control vulnerability in ReviewX.This issue affects ReviewX: from n/a through 1.6... Moderate Unreviewed
CVE-2024-33921 was published May 3, 2024
Quarkus: security checks in resteasy reactive may trigger a denial of service Moderate
CVE-2024-1726 was published for io.quarkus.resteasy.reactive:resteasy-reactive (Maven) Apr 25, 2024
Authelia's Group Changes may not have the expected results (YAML file backend) Low
GHSA-x883-2vmg-xwf7 was published for github.com/authelia/authelia/v4 (Go) Apr 22, 2024
ezrizhu
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when... Moderate Unreviewed
CVE-2024-23560 was published Apr 15, 2024
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop... Moderate Unreviewed
CVE-2024-3545 was published Apr 9, 2024
Permission verification vulnerability in the system module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2023-52542 was published Apr 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database