GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,842
Composer 4,262
Erlang 31
GitHub Actions 21
Go 2,024
Maven 5,206
npm 3,731
NuGet 662
pip 3,407
Pub 12
RubyGems 891
Rust 864
Swift 36

Unreviewed advisories

All unreviewed 237,171

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

388 advisories

Filter by severity

Sort by

Least recently updated

In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices... Moderate Unreviewed

CVE-2024-8256 was published Dec 10, 2024

Incorrect permission assignment in the user migration feature in Devolutions Server 2024.3.8.0... Moderate Unreviewed

CVE-2024-12151 was published Dec 4, 2024

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8... Moderate Unreviewed

CVE-2024-45841 was published Dec 5, 2024

Vulnerability in the PeopleSoft Enterprise HCM Benefits Administration product of Oracle... Moderate Unreviewed

CVE-2024-21063 was published Apr 17, 2024

stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp... Moderate Unreviewed

CVE-2024-54159 was published Nov 30, 2024

This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of... Moderate Unreviewed

CVE-2024-21703 was published Nov 27, 2024

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD)... Moderate Unreviewed

CVE-2020-3312 was published May 24, 2022

Affected devices create coredump files when crashed, storing them with world-readable permission.... Moderate Unreviewed

CVE-2024-28955 was published Nov 26, 2024

On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... Moderate Unreviewed

CVE-2023-5937 was published May 15, 2024

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect... Moderate Unreviewed

CVE-2024-41970 was published Nov 18, 2024

Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this... Moderate Unreviewed

CVE-2023-52554 was published Apr 8, 2024

The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network... Moderate Unreviewed

CVE-2024-37087 was published Jun 25, 2024

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote... Moderate Unreviewed

CVE-2022-36800 was published Aug 4, 2022

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed

CVE-2023-5136 was published Nov 8, 2023

The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag... Moderate Unreviewed

CVE-2024-6739 was published Jul 15, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could... Moderate Unreviewed

CVE-2024-6360 was published Oct 2, 2024

Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to... Moderate Unreviewed

CVE-2024-25645 was published Mar 12, 2024

Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access... Moderate Unreviewed

CVE-2024-25644 was published Mar 12, 2024

SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL... Moderate Unreviewed

CVE-2024-24740 was published Feb 13, 2024

Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions... Moderate Unreviewed

CVE-2024-28163 was published Mar 12, 2024

Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and... Moderate Unreviewed

CVE-2024-29964 was published Apr 19, 2024

Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before... Moderate Unreviewed

CVE-2024-23908 was published Aug 14, 2024

Insecure inherited permissions in some Intel(R) HID Event Filter software installers before... Moderate Unreviewed

CVE-2024-25561 was published Aug 14, 2024

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local... Moderate Unreviewed

CVE-2023-49582 was published Aug 26, 2024

IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0,... Moderate Unreviewed

CVE-2022-43915 was published Aug 24, 2024

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

388 advisories