Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

853 advisories

Loading
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... Moderate Unreviewed
CVE-2024-35139 was published Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information... Moderate Unreviewed
CVE-2023-38368 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows... Moderate Unreviewed
CVE-2024-22385 was published Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an... Unknown Unreviewed
CVE-2024-36495 was published Jun 24, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34012 was published Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
An attacker with admin access can install rogue applications. As for the affected products/models... Moderate Unreviewed
CVE-2024-27180 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27155 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27149 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27153 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27148 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27152 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27150 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27151 was published Jun 14, 2024
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated... High Unreviewed
CVE-2024-37038 was published Jun 12, 2024
Kaminari Insecure File Permissions Vulnerability Moderate
CVE-2024-32978 was published for kaminari (RubyGems) May 28, 2024
G-Rath
Incorrect default permissions in some Endurance Gaming Mode software installers before version 1... Moderate Unreviewed
CVE-2023-42433 was published May 16, 2024
Incorrect default permissions in some onboard video driver software before version 1.14 for Intel... Moderate Unreviewed
CVE-2023-42668 was published May 16, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-43629 was published May 16, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-24460 was published May 16, 2024
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to... Unknown Unreviewed
CVE-2024-4030 was published May 7, 2024
ProTip! Advisories are also available from the GraphQL API