GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,032 advisories
Filter by severity
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder...
High
Unreviewed
CVE-2024-11969
was published
Nov 28, 2024
An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate...
Moderate
Unreviewed
CVE-2024-50657
was published
Nov 22, 2024
Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address...
Unknown
Unreviewed
CVE-2024-44786
was published
Nov 22, 2024
Moodle IDOR when deleting OAuth2 linked accounts
Moderate
CVE-2024-45690
was published
for
moodle/moodle
(Composer)
Nov 20, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated...
High
Unreviewed
CVE-2024-52323
was published
Nov 27, 2024
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense...
Moderate
Unreviewed
CVE-2019-1982
was published
May 24, 2022
ansible-runner has default temporary files written to world R/W locations
Moderate
CVE-2021-3701
was published
for
ansible-runner
(pip)
Aug 24, 2022
In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and...
Moderate
Unreviewed
CVE-2024-6640
was published
Aug 12, 2024
Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is...
Moderate
Unreviewed
CVE-2024-6476
was published
Nov 26, 2024
By default, dedicated folders of ZEDMAIL for Windows up to 2024.3 can be accessed by other users...
High
Unreviewed
CVE-2024-46462
was published
Nov 15, 2024
By default, dedicated folders of ZONECENTRAL for Windows up to 2024.3 or up to Q.2021.2 (ANSSI...
High
Unreviewed
CVE-2024-46466
was published
Nov 15, 2024
By default, dedicated folders of ZONEPOINT for Windows up to 2024.1 can be accessed by other...
High
Unreviewed
CVE-2024-46467
was published
Nov 15, 2024
By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users...
High
Unreviewed
CVE-2024-46465
was published
Nov 15, 2024
By default, dedicated folders of ORIZON for Windows up to 2024.3 can be accessed by other users...
High
Unreviewed
CVE-2024-46463
was published
Nov 15, 2024
MLflow's excessive directory permissions allow local privilege escalation
High
CVE-2024-27134
was published
for
mlflow
(pip)
Nov 25, 2024
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges.
Critical
Unreviewed
CVE-2024-51162
was published
Nov 20, 2024
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin...
Critical
Unreviewed
CVE-2018-9467
was published
Nov 20, 2024
In bootloader there is fastboot command allowing user specified kernel command line arguments....
High
Unreviewed
CVE-2018-9369
was published
Nov 19, 2024
Vulnerability in the PeopleSoft Enterprise HCM Shared Components product of Oracle PeopleSoft ...
Moderate
Unreviewed
CVE-2024-21122
was published
Jul 17, 2024
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an...
High
Unreviewed
CVE-2023-21270
was published
Nov 19, 2024
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there...
High
Unreviewed
CVE-2018-9432
was published
Nov 20, 2024
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to...
High
Unreviewed
CVE-2017-13312
was published
Nov 16, 2024
Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated...
Moderate
Unreviewed
CVE-2024-48293
was published
Nov 18, 2024
An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total...
High
Unreviewed
CVE-2024-48292
was published
Nov 18, 2024
AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account.
Critical
Unreviewed
CVE-2024-51051
was published
Nov 19, 2024
ProTip!
Advisories are also available from the
GraphQL API