Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,034 advisories

Loading
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory... High Unreviewed
CVE-2024-21945 was published Nov 12, 2024
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to... Moderate Unreviewed
CVE-2024-34679 was published Nov 6, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46894 was published Nov 12, 2024
Moodle has insufficient access control Low
CVE-2024-43430 was published for moodle/moodle (Composer) Nov 11, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21012 was published Apr 17, 2024
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. High Unreviewed
CVE-2024-49504 was published Nov 13, 2024
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows... Moderate Unreviewed
CVE-2024-25647 was published Nov 13, 2024
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations... High Unreviewed
CVE-2024-21820 was published Nov 13, 2024
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may... Moderate Unreviewed
CVE-2024-35201 was published Nov 13, 2024
Incorrect default permissions in some Intel(R) Distribution for Python software before version... Moderate Unreviewed
CVE-2024-29083 was published Nov 13, 2024
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier... High Unreviewed
CVE-2024-43081 was published Nov 13, 2024
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to... High Unreviewed
CVE-2024-40661 was published Nov 13, 2024
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents... High Unreviewed
CVE-2024-43085 was published Nov 13, 2024
In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak... Moderate Unreviewed
CVE-2024-43086 was published Nov 13, 2024
HCL Connections is vulnerable to a broken access control vulnerability that may allow an... Low Unreviewed
CVE-2024-42188 was published Nov 14, 2024
In updateInternal of MediaProvider.java , there is a possible access of another app's files due... High Unreviewed
CVE-2024-43089 was published Nov 13, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display... High Unreviewed
CVE-2024-40660 was published Nov 13, 2024
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin High
CVE-2024-52551 was published for org.jenkinsci.plugins:pipeline-model-parent (Maven) Nov 13, 2024
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise... Critical Unreviewed
CVE-2024-44760 was published Aug 28, 2024
Django allows unintended model editing High
CVE-2019-19118 was published for Django (pip) Dec 4, 2019
sunSUNQ
Django Incorrect Default Permissions Moderate
CVE-2020-24584 was published for django (pip) Mar 18, 2021
sunSUNQ
Incorrect Default Permissions in Apache DolphinScheduler High
CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler-api (Maven) Feb 9, 2022
Kubernetes sets incorrect permissions on Windows containers logs High
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
Kubean vulnerable to cluster-level privilege escalation High
CVE-2024-41820 was published for github.com/kubean-io/kubean (Go) Aug 5, 2024
younaman
Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent. High Unreviewed
CVE-2024-52926 was published Nov 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database