GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,080 advisories
Filter by severity
Incorrect default permissions vulnerability in Evoko Home, affecting version 2.4.2 to 2.7.4. A...
High
Unreviewed
CVE-2024-12903
was published
Dec 23, 2024
Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00...
High
Unreviewed
CVE-2024-4229
was published
Dec 19, 2024
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned...
High
Unreviewed
CVE-2024-49202
was published
Dec 18, 2024
CA Client Automation (ITCM) allows non-admin/non-root users to encrypt a string using CAF CLI and...
High
Unreviewed
CVE-2024-38499
was published
Dec 17, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an...
Critical
Unreviewed
CVE-2024-55956
was published
Dec 13, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44224
was published
Dec 12, 2024
Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2024-11872
was published
Dec 12, 2024
Under specific circumstances, insecure permissions in Ivanti Application Control before version...
High
Unreviewed
CVE-2024-11598
was published
Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Performance Manager before version...
High
Unreviewed
CVE-2024-11597
was published
Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Security Controls before version...
High
Unreviewed
CVE-2024-10251
was published
Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10...
High
Unreviewed
CVE-2024-8496
was published
Dec 11, 2024
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1...
High
Unreviewed
CVE-2024-9845
was published
Dec 11, 2024
An issue was discovered in MSA Safety FieldServer Gateways and Embedded Modules with build...
Critical
Unreviewed
CVE-2024-45494
was published
Dec 10, 2024
COMFAST CF-WR630AX v2.7.0.2 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-54751
was published
Dec 10, 2024
WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-54747
was published
Dec 6, 2024
WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in ...
Critical
Unreviewed
CVE-2024-54745
was published
Dec 6, 2024
An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their...
High
Unreviewed
CVE-2024-46624
was published
Dec 4, 2024
An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can...
Low
Unreviewed
CVE-2024-53921
was published
Dec 3, 2024
Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)
High
CVE-2024-54131
was published
for
github.com/kolide/launcher
(Go)
Dec 3, 2024
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input...
High
Unreviewed
CVE-2018-9431
was published
Dec 3, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard...
Critical
Unreviewed
CVE-2024-53484
was published
Dec 2, 2024
The NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder...
High
Unreviewed
CVE-2024-11969
was published
Nov 28, 2024
OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible...
Critical
Unreviewed
CVE-2024-46054
was published
Nov 27, 2024
Zohocorp ManageEngine Analytics Plus versions below 6100 are vulnerable to authenticated...
High
Unreviewed
CVE-2024-52323
was published
Nov 27, 2024
On Android, Firefox may have inadvertently allowed viewing saved passwords without the required...
Critical
Unreviewed
CVE-2024-11703
was published
Nov 26, 2024
ProTip!
Advisories are also available from the
GraphQL API