Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,872
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

648 advisories

Loading
WiX based installers are vulnerable to binary hijack when run as SYSTEM High
CVE-2024-29187 was published for WixToolset.Sdk (NuGet) Mar 25, 2024
KNaceri rohitmothe
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21431 was published Mar 12, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to... High Unreviewed
CVE-2023-47564 was published Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation... High Unreviewed
CVE-2020-24681 was published Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write... High Unreviewed
CVE-2024-22016 was published Feb 2, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful... High Unreviewed
CVE-2023-52107 was published Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful... High Unreviewed
CVE-2023-52116 was published Jan 16, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate... High Unreviewed
CVE-2023-49257 was published Jan 12, 2024
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected... High Unreviewed
CVE-2023-44120 was published Jan 9, 2024
A incorrect permission assignment for critical resource vulnerability in PLCnext products allows... High Unreviewed
CVE-2023-46142 was published Dec 14, 2023
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,... High Unreviewed
CVE-2023-49580 was published Dec 12, 2023
An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions... High Unreviewed
CVE-2023-50446 was published Dec 10, 2023
Local Privilege Escalation in Windows High
CVE-2023-49797 was published for pyinstaller (pip) Dec 9, 2023
Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in... High Unreviewed
CVE-2023-6179 was published Nov 17, 2023
Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint... High Unreviewed
CVE-2023-28134 was published Nov 13, 2023
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect... High Unreviewed
CVE-2023-46449 was published Oct 26, 2023
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To... High Unreviewed
CVE-2023-40361 was published Oct 20, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed
CVE-2023-34437 was published Oct 19, 2023
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities... High Unreviewed
CVE-2023-32724 was published Oct 12, 2023
A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The... High Unreviewed
CVE-2023-45205 was published Oct 10, 2023
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application... High Unreviewed
CVE-2022-30527 was published Oct 10, 2023
Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0... High Unreviewed
CVE-2023-42189 was published Oct 10, 2023
Decidim has broken access control in templates High
CVE-2023-36465 was published for decidim (RubyGems) Oct 5, 2023
andreslucena
Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability High
CVE-2023-5077 was published for github.com/hashicorp/vault (Go) Sep 29, 2023
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi... High Unreviewed
CVE-2023-20254 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database