Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

907 advisories

Loading
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on... High Unreviewed
CVE-2024-6974 was published Jul 31, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with... High Unreviewed
CVE-2024-42053 was published Jul 28, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and... High Unreviewed
CVE-2024-36541 was published Jul 24, 2024
An incorrect permission in the installation directory for the shared NI SystemLink Server... Moderate Unreviewed
CVE-2024-6122 was published Jul 22, 2024
Kubernetes sets incorrect permissions on Windows containers logs Moderate
CVE-2024-5321 was published for k8s.io/kubernetes (Go) Jul 18, 2024
The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www... Moderate Unreviewed
CVE-2024-6325 was published Jul 16, 2024
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient... High Unreviewed
CVE-2024-32861 was published Jul 16, 2024
Denial of service vulnerability present shortly after product installation or upgrade,... Moderate Unreviewed
CVE-2024-3779 was published Jul 16, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops... Moderate Unreviewed
CVE-2024-2819 was published Jul 2, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,... High Unreviewed
CVE-2024-4679 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... Moderate Unreviewed
CVE-2024-35139 was published Jun 28, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information... Moderate Unreviewed
CVE-2023-38368 was published Jun 27, 2024
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows... Moderate Unreviewed
CVE-2024-22385 was published Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an... High Unreviewed
CVE-2024-36495 was published Jun 24, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
langchain_experimental Code Execution via Python REPL access High
CVE-2024-38459 was published for langchain-experimental (pip) Jun 16, 2024
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34012 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
An attacker with admin access can install rogue applications. As for the affected products/models... Moderate Unreviewed
CVE-2024-27180 was published Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27155 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database