GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,092 advisories
Filter by severity
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low...
Unknown
Unreviewed
CVE-2024-37369
was published
Jun 14, 2024
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2024-30369
was published
Jun 6, 2024
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow...
Moderate
Unreviewed
CVE-2024-21835
was published
May 16, 2024
On Windows systems, the Arc configuration files resulted to be world-readable.
This can lead...
Low
Unreviewed
CVE-2023-5937
was published
May 15, 2024
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges.
By tampering...
High
Unreviewed
CVE-2023-5936
was published
May 15, 2024
Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products
Moderate
Unreviewed
CVE-2024-27108
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical
Unreviewed
CVE-2024-33499
was published
May 14, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Moderate
Unreviewed
CVE-2024-30208
was published
May 14, 2024
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices
High
Unreviewed
CVE-2024-1486
was published
May 14, 2024
Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows...
High
Unreviewed
CVE-2023-35841
was published
May 14, 2024
Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation...
High
Unreviewed
CVE-2023-51579
was published
May 3, 2024
LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2023-40516
was published
May 3, 2024
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security...
Unknown
Unreviewed
CVE-2024-24912
was published
May 1, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue...
Critical
Unreviewed
CVE-2024-3375
was published
Apr 29, 2024
Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources
High
CVE-2021-25318
was published
for
github.com/rancher/rancher
(Go)
Apr 24, 2024
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
Moderate
CVE-2022-24769
was published
for
github.com/docker/docker
(Go)
Apr 22, 2024
A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security...
Unknown
Unreviewed
CVE-2024-24910
was published
Apr 18, 2024
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3...
Moderate
Unreviewed
CVE-2024-22334
was published
Apr 12, 2024
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions...
Moderate
Unreviewed
CVE-2024-25956
was published
Mar 26, 2024
WiX based installers are vulnerable to binary hijack when run as SYSTEM
High
CVE-2024-29187
was published
for
WixToolset.Sdk
(NuGet)
Mar 25, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-21431
was published
Mar 12, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical
Unreviewed
CVE-2024-21915
was published
Feb 16, 2024
Apache Solr Schema Designer blindly "trusts" all configsets
Low
CVE-2023-50292
was published
for
org.apache.solr:solr-core
(Maven)
Feb 9, 2024
Spring Security's spring-security.xsd file is world writable
Moderate
CVE-2023-34042
was published
for
org.springframework.security:spring-security-config
(Maven)
Feb 6, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to...
High
Unreviewed
CVE-2023-47564
was published
Feb 2, 2024
ProTip!
Advisories are also available from the
GraphQL API