GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,080 advisories
Filter by severity
Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows...
Moderate
Unreviewed
CVE-2024-25647
was published
Nov 13, 2024
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
High
Unreviewed
CVE-2024-49504
was published
Nov 13, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Low
Unreviewed
CVE-2024-21012
was published
Apr 17, 2024
Moodle has insufficient access control
Low
CVE-2024-43430
was published
for
moodle/moodle
(Composer)
Nov 11, 2024
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to...
Moderate
Unreviewed
CVE-2024-34679
was published
Nov 6, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Moderate
Unreviewed
CVE-2024-46894
was published
Nov 12, 2024
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center...
High
Unreviewed
CVE-2024-21938
was published
Nov 12, 2024
Incorrect default permissions in the AMD Provisioning Console installation directory could allow...
High
Unreviewed
CVE-2024-21958
was published
Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory...
High
Unreviewed
CVE-2024-21945
was published
Nov 12, 2024
Incorrect default permissions in the AMD Management Console installation directory could allow an...
High
Unreviewed
CVE-2024-21957
was published
Nov 12, 2024
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation...
High
Unreviewed
CVE-2024-21939
was published
Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could...
High
Unreviewed
CVE-2024-21946
was published
Nov 12, 2024
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker...
High
Unreviewed
CVE-2024-21937
was published
Nov 12, 2024
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to...
Moderate
Unreviewed
CVE-2024-47593
was published
Nov 12, 2024
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows...
Critical
Unreviewed
CVE-2024-51567
was published
Oct 30, 2024
An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic...
High
Unreviewed
CVE-2020-11921
was published
Nov 7, 2024
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface...
Critical
Unreviewed
CVE-2019-20457
was published
Nov 7, 2024
The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any...
High
Unreviewed
CVE-2024-36063
was published
Nov 8, 2024
An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the...
High
Unreviewed
CVE-2019-20458
was published
Nov 7, 2024
Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func...
Critical
Unreviewed
CVE-2023-27195
was published
Nov 8, 2024
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged...
Moderate
Unreviewed
CVE-2023-23344
was published
Jun 23, 2023
Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authentication for the /admin...
High
Unreviewed
CVE-2023-49338
was published
Feb 29, 2024
Vulnerability of improper permission control in the window management module.
Impact: Successful...
Critical
Unreviewed
CVE-2024-30415
was published
Apr 7, 2024
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
Moderate
Unreviewed
CVE-2024-10469
was published
Oct 28, 2024
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported...
Low
Unreviewed
CVE-2024-21123
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API