Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,149 advisories

Loading
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware... High Unreviewed
CVE-2024-41720 was published Aug 5, 2024
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP... High Unreviewed
CVE-2024-31202 was published Jul 31, 2024
IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could... Low Unreviewed
CVE-2022-33167 was published Jul 30, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for... Moderate Unreviewed
CVE-2024-41685 was published Jul 26, 2024
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics... Critical Unreviewed
CVE-2024-5618 was published Jul 18, 2024
A privilege escalation vulnerability exists in the affected products which could allow a... High Unreviewed
CVE-2024-6435 was published Jul 16, 2024
Improper permission control in the mobile application (com.android.server.telecom) may lead to... Unknown Unreviewed
CVE-2024-6780 was published Jul 16, 2024
The session cookie in MailGates and MailAudit from Openfind does not have the HttpOnly flag... Moderate Unreviewed
CVE-2024-6739 was published Jul 15, 2024
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2024-20456 was published Jul 10, 2024
Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p8, < 2.2... High Unreviewed
CVE-2024-28827 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... Moderate Unreviewed
CVE-2024-39875 was published Jul 9, 2024
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed
CVE-2024-5163 was published Jun 17, 2024
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low... Unknown Unreviewed
CVE-2024-37369 was published Jun 14, 2024
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate... High Unreviewed
CVE-2024-36821 was published Jun 11, 2024
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all... High Unreviewed
CVE-2024-3668 was published Jun 8, 2024
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2024-30369 was published Jun 6, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow... Moderate Unreviewed
CVE-2024-21835 was published May 16, 2024
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead... Low Unreviewed
CVE-2023-5937 was published May 15, 2024
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering... High Unreviewed
CVE-2023-5936 was published May 15, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products Moderate Unreviewed
CVE-2024-27108 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-33499 was published May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed
CVE-2024-30208 was published May 14, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows... High Unreviewed
CVE-2023-35841 was published May 14, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices High Unreviewed
CVE-2024-1486 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database