Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

471 advisories

Loading
A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi... High Unreviewed
CVE-2024-42028 was published Oct 28, 2024
This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An... High Unreviewed
CVE-2024-44228 was published Oct 28, 2024
The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access... High Unreviewed
CVE-2024-9191 was published Nov 2, 2024
An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the... High Unreviewed
CVE-2019-20458 was published Nov 7, 2024
An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic... High Unreviewed
CVE-2020-11921 was published Nov 7, 2024
The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any... High Unreviewed
CVE-2024-36063 was published Nov 8, 2024
Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center... High Unreviewed
CVE-2024-21938 was published Nov 12, 2024
Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker... High Unreviewed
CVE-2024-21937 was published Nov 12, 2024
Incorrect default permissions in the AMD Provisioning Console installation directory could allow... High Unreviewed
CVE-2024-21958 was published Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could... High Unreviewed
CVE-2024-21946 was published Nov 12, 2024
Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory... High Unreviewed
CVE-2024-21945 was published Nov 12, 2024
Incorrect default permissions in the AMD Management Console installation directory could allow an... High Unreviewed
CVE-2024-21957 was published Nov 12, 2024
Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation... High Unreviewed
CVE-2024-21939 was published Nov 12, 2024
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. High Unreviewed
CVE-2024-49504 was published Nov 13, 2024
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to... High Unreviewed
CVE-2024-40661 was published Nov 13, 2024
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display... High Unreviewed
CVE-2024-40660 was published Nov 13, 2024
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier... High Unreviewed
CVE-2024-43081 was published Nov 13, 2024
In updateInternal of MediaProvider.java , there is a possible access of another app's files due... High Unreviewed
CVE-2024-43089 was published Nov 13, 2024
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents... High Unreviewed
CVE-2024-43085 was published Nov 13, 2024
Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations... High Unreviewed
CVE-2024-21820 was published Nov 13, 2024
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin High
CVE-2024-52551 was published for org.jenkinsci.plugins:pipeline-model-parent (Maven) Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database