GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,149 advisories
Filter by severity
Incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware...
High
Unreviewed
CVE-2024-41720
was published
Aug 5, 2024
HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain...
High
Unreviewed
CVE-2024-38456
was published
Sep 3, 2024
Gitea allowed assignment of private issues
Moderate
CVE-2022-38183
was published
for
code.gitea.io/gitea
(Go)
Aug 13, 2022
Kubean vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-41820
was published
for
github.com/kubean-io/kubean
(Go)
Aug 5, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All...
Critical
Unreviewed
CVE-2024-41171
was published
Sep 10, 2024
Incorrect Permission Assignment for Critical Resource in Ansible
Low
CVE-2020-1736
was published
for
ansible
(pip)
Feb 9, 2022
Insecure inherited permissions in some Flexlm License Daemons for Intel(R) FPGA software before...
Moderate
Unreviewed
CVE-2024-23908
was published
Aug 14, 2024
Insecure inherited permissions in some Intel(R) HID Event Filter software installers before...
Moderate
Unreviewed
CVE-2024-25561
was published
Aug 14, 2024
Podman Elevated Container Privileges
High
CVE-2018-10856
was published
for
github.com/containers/podman
(Go)
May 13, 2022
In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
High
Unreviewed
CVE-2022-22521
was published
Apr 28, 2022
Improper permission configurationDomain configuration vulnerability of the mobile application ...
Critical
Unreviewed
CVE-2024-8039
was published
Sep 16, 2024
External Secrets Operator vulnerable to privilege escalation
High
CVE-2024-45041
was published
for
github.com/external-secrets/external-secrets
(Go)
Sep 9, 2024
Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and...
Moderate
Unreviewed
CVE-2024-29964
was published
Apr 19, 2024
On Windows systems, the Arc configuration files resulted to be world-readable.
This can lead...
Low
Unreviewed
CVE-2023-5937
was published
May 15, 2024
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated...
High
Unreviewed
CVE-2023-47712
was published
May 14, 2024
Mercurial Incorrect Access Control vulnerability
Critical
CVE-2018-1000132
was published
for
mercurial
(pip)
May 13, 2022
Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability
High
CVE-2023-5077
was published
for
github.com/hashicorp/vault
(Go)
Sep 29, 2023
Koji hub call does not perform correct access checks
Critical
CVE-2018-1002150
was published
for
koji
(pip)
Jul 12, 2018
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing...
High
Unreviewed
CVE-2023-33990
was published
Jul 11, 2023
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions...
High
Unreviewed
CVE-2023-35870
was published
Jul 11, 2023
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions...
Moderate
Unreviewed
CVE-2024-28163
was published
Mar 12, 2024
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,...
Low
Unreviewed
CVE-2023-32114
was published
Jun 13, 2023
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access...
Moderate
Unreviewed
CVE-2024-25644
was published
Mar 12, 2024
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,...
High
Unreviewed
CVE-2023-49580
was published
Dec 12, 2023
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low
Unreviewed
CVE-2023-49578
was published
Dec 12, 2023
ProTip!
Advisories are also available from the
GraphQL API