GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
490 advisories
Filter by severity
A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi...
High
Unreviewed
CVE-2024-42028
was published
Oct 28, 2024
Incorrect default permissions in some Intel(R) VROC software before version 8.0.8.1001 may allow...
High
Unreviewed
CVE-2023-34315
was published
Oct 28, 2024
there is a possible privilege escalation due to an insecure default value. This could lead to...
High
Unreviewed
CVE-2024-47016
was published
Oct 25, 2024
In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible arbitrary write due to...
High
Unreviewed
CVE-2024-47013
was published
Oct 25, 2024
In mm_GetMobileIdIndexForNsUpdate of mm_GmmPduCodec.c, there is a possible out of bounds write...
High
Unreviewed
CVE-2024-47012
was published
Oct 25, 2024
Incorrect default permissions in some ACAT software maintained by Intel(R) before version 2.0.0...
High
Unreviewed
CVE-2023-41231
was published
Oct 24, 2024
Incorrect default permissions in the Intel(R) SUR for Gameplay Software before version 2.0.1901...
High
Unreviewed
CVE-2023-40154
was published
Oct 23, 2024
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions...
High
Unreviewed
CVE-2024-9947
was published
Oct 23, 2024
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers...
High
Unreviewed
CVE-2024-7587
was published
Oct 23, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
High
Unreviewed
CVE-2024-49389
was published
Oct 17, 2024
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before...
High
Unreviewed
CVE-2024-9167
was published
Oct 8, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
In multiple locations, there is a possible permission bypass due to a confused deputy. This could...
High
Unreviewed
CVE-2024-40654
was published
Sep 11, 2024
ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate attacker to read kernel...
High
Unreviewed
CVE-2023-45896
was published
Aug 28, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo...
High
Unreviewed
CVE-2024-4763
was published
Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and...
High
Unreviewed
CVE-2024-2175
was published
Aug 16, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to...
High
Unreviewed
CVE-2023-31349
was published
Aug 13, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High
Unreviewed
CVE-2024-42062
was published
Aug 7, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory...
High
Unreviewed
CVE-2024-43114
was published
Aug 6, 2024
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on...
High
Unreviewed
CVE-2024-6974
was published
Jul 31, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10...
High
Unreviewed
CVE-2024-40805
was published
Jul 30, 2024
A permissions issue was addressed by removing vulnerable code and adding additional checks. This...
High
Unreviewed
CVE-2024-27888
was published
Jul 30, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42053
was published
Jul 28, 2024
ProTip!
Advisories are also available from the
GraphQL API