Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,104 advisories

Loading
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version... High Unreviewed
CVE-2024-11597 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1... High Unreviewed
CVE-2024-9845 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Security Controls before version... High Unreviewed
CVE-2024-10251 was published Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10... High Unreviewed
CVE-2024-8496 was published Dec 11, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build... Critical Unreviewed
CVE-2024-45494 was published Dec 10, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54751 was published Dec 10, 2024
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-54747 was published Dec 6, 2024
WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed
CVE-2024-54745 was published Dec 6, 2024
An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their... High Unreviewed
CVE-2024-46624 was published Dec 4, 2024
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can... Low Unreviewed
CVE-2024-53921 was published Dec 3, 2024
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3) High
CVE-2024-54131 was published for github.com/kolide/launcher (Go) Dec 3, 2024
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input... High Unreviewed
CVE-2018-9431 was published Dec 3, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard... Critical Unreviewed
CVE-2024-53484 was published Dec 2, 2024
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder... High Unreviewed
CVE-2024-11969 was published Nov 28, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible... Critical Unreviewed
CVE-2024-46054 was published Nov 27, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated... High Unreviewed
CVE-2024-52323 was published Nov 27, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required... Critical Unreviewed
CVE-2024-11703 was published Nov 26, 2024
Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is... Moderate Unreviewed
CVE-2024-6476 was published Nov 26, 2024
MLflow's excessive directory permissions allow local privilege escalation High
CVE-2024-27134 was published for mlflow (pip) Nov 25, 2024
An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate... Moderate Unreviewed
CVE-2024-50657 was published Nov 22, 2024
Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address... Unknown Unreviewed
CVE-2024-44786 was published Nov 22, 2024
A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login?... Moderate Unreviewed
CVE-2024-48533 was published Nov 20, 2024
An issue in Audimex EE v.15.1.20 and before allows a remote attacker to escalate privileges. Critical Unreviewed
CVE-2024-51162 was published Nov 20, 2024
Moodle IDOR when deleting OAuth2 linked accounts Moderate
CVE-2024-45690 was published for moodle/moodle (Composer) Nov 20, 2024
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there... High Unreviewed
CVE-2018-9432 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database