GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
907 advisories
Filter by severity
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on...
High
Unreviewed
CVE-2024-6974
was published
Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42053
was published
Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and...
High
Unreviewed
CVE-2024-36541
was published
Jul 24, 2024
An incorrect permission in the installation directory for the shared NI SystemLink Server...
Moderate
Unreviewed
CVE-2024-6122
was published
Jul 22, 2024
Kubernetes sets incorrect permissions on Windows containers logs
Moderate
CVE-2024-5321
was published
for
k8s.io/kubernetes
(Go)
Jul 18, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www...
Moderate
Unreviewed
CVE-2024-6325
was published
Jul 16, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®...
Low
Unreviewed
CVE-2024-6326
was published
Jul 16, 2024
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient...
High
Unreviewed
CVE-2024-32861
was published
Jul 16, 2024
Denial of service vulnerability present shortly after product installation or upgrade,...
Moderate
Unreviewed
CVE-2024-3779
was published
Jul 16, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on...
High
Unreviewed
CVE-2024-3904
was published
Jul 4, 2024
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops...
Moderate
Unreviewed
CVE-2024-2819
was published
Jul 2, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,...
High
Unreviewed
CVE-2024-4679
was published
Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
Moderate
Unreviewed
CVE-2024-35139
was published
Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could...
High
Unreviewed
CVE-2023-38370
was published
Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information...
Moderate
Unreviewed
CVE-2023-38368
was published
Jun 27, 2024
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows...
Moderate
Unreviewed
CVE-2024-22385
was published
Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an...
High
Unreviewed
CVE-2024-36495
was published
Jun 24, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Low
CVE-2024-5967
was published
for
org.keycloak:keycloak-ldap-federation
(Maven)
Jun 21, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials
Low
GHSA-gmrm-8fx4-66x7
was published
for
org.keycloak:keycloak-core
(Maven)
Jun 18, 2024
•
withdrawn
langchain_experimental Code Execution via Python REPL access
High
CVE-2024-38459
was published
for
langchain-experimental
(pip)
Jun 16, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2024-34012
was published
Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several...
High
Unreviewed
CVE-2024-27167
was published
Jun 14, 2024
An attacker with admin access can install rogue applications. As for the affected products/models...
Moderate
Unreviewed
CVE-2024-27180
was published
Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python...
High
Unreviewed
CVE-2024-27171
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27155
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API