GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,166 advisories
Filter by severity
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an...
High
Unreviewed
CVE-2024-25646
was published
Apr 9, 2024
Permission control vulnerability in the Bluetooth module.
Impact: Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-52554
was published
Apr 8, 2024
An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows...
Moderate
Unreviewed
CVE-2024-28589
was published
Apr 3, 2024
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions...
Moderate
Unreviewed
CVE-2024-25956
was published
Mar 26, 2024
WiX based installers are vulnerable to binary hijack when run as SYSTEM
High
CVE-2024-29187
was published
for
WixToolset.Sdk
(NuGet)
Mar 25, 2024
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-21431
was published
Mar 12, 2024
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions...
Moderate
Unreviewed
CVE-2024-28163
was published
Mar 12, 2024
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to...
Moderate
Unreviewed
CVE-2024-25645
was published
Mar 12, 2024
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access...
Moderate
Unreviewed
CVE-2024-25644
was published
Mar 12, 2024
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical
Unreviewed
CVE-2024-21915
was published
Feb 16, 2024
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL...
Moderate
Unreviewed
CVE-2024-24740
was published
Feb 13, 2024
Apache Solr Schema Designer blindly "trusts" all configsets
Low
CVE-2023-50292
was published
for
org.apache.solr:solr-core
(Maven)
Feb 9, 2024
Spring Security's spring-security.xsd file is world writable
Moderate
CVE-2023-34042
was published
for
org.springframework.security:spring-security-config
(Maven)
Feb 6, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to...
High
Unreviewed
CVE-2023-47564
was published
Feb 2, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in B&R Industrial Automation...
High
Unreviewed
CVE-2020-24681
was published
Feb 2, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write...
High
Unreviewed
CVE-2024-22016
was published
Feb 2, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory
Moderate
CVE-2021-41091
was published
for
github.com/docker/docker
(Go)
Jan 31, 2024
Privilege Escalation in HashiCorp Consul
Moderate
CVE-2020-28053
was published
for
github.com/hashicorp/consul
(Go)
Jan 31, 2024
Spring Cloud Contract vulnerable to local information disclosure
Low
CVE-2024-22236
was published
for
org.springframework.cloud:spring-cloud-contract-shade
(Maven)
Jan 31, 2024
Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter
Moderate
CVE-2023-48714
was published
for
silverstripe/framework
(Composer)
Jan 23, 2024
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some...
Moderate
Unreviewed
CVE-2023-38541
was published
Jan 19, 2024
Vulnerability of permissions being not strictly verified in the WMS module. Successful...
High
Unreviewed
CVE-2023-52107
was published
Jan 16, 2024
Permission management vulnerability in the multi-screen interaction module. Successful...
High
Unreviewed
CVE-2023-52116
was published
Jan 16, 2024
An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate...
High
Unreviewed
CVE-2023-49257
was published
Jan 12, 2024
The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2023-6506
was published
Jan 11, 2024
ProTip!
Advisories are also available from the
GraphQL API