GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,584
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,169
npm 3,704
NuGet 661
pip 3,330
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,157

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

906 advisories

Filter by severity

Sort by

Least recently updated

In updateInternal of MediaProvider.java , there is a possible access of another app's files due... High Unreviewed

CVE-2024-43089 was published Nov 13, 2024

HCL Connections is vulnerable to a broken access control vulnerability that may allow an... Low Unreviewed

CVE-2024-42188 was published Nov 14, 2024

In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak... Moderate Unreviewed

CVE-2024-43086 was published Nov 13, 2024

In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents... High Unreviewed

CVE-2024-43085 was published Nov 13, 2024

In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier... High Unreviewed

CVE-2024-43081 was published Nov 13, 2024

In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to... High Unreviewed

CVE-2024-40661 was published Nov 13, 2024

Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations... High Unreviewed

CVE-2024-21820 was published Nov 13, 2024

Incorrect default permissions in some Intel(R) Distribution for Python software before version... Moderate Unreviewed

CVE-2024-29083 was published Nov 13, 2024

Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may... Moderate Unreviewed

CVE-2024-35201 was published Nov 13, 2024

Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows... Moderate Unreviewed

CVE-2024-25647 was published Nov 13, 2024

grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. High Unreviewed

CVE-2024-49504 was published Nov 13, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed

CVE-2024-21012 was published Apr 17, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed

CVE-2024-46894 was published Nov 12, 2024

Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to... Moderate Unreviewed

CVE-2024-34679 was published Nov 6, 2024

Incorrect default permissions in the AMD Management Plugin for the Microsoft® System Center... High Unreviewed

CVE-2024-21938 was published Nov 12, 2024

Incorrect default permissions in the AMD HIP SDK installation directory could allow an attacker... High Unreviewed

CVE-2024-21937 was published Nov 12, 2024

Incorrect default permissions in the AMD Provisioning Console installation directory could allow... High Unreviewed

CVE-2024-21958 was published Nov 12, 2024

Incorrect default permissions in the AMD RyzenTM Master Utility installation directory could... High Unreviewed

CVE-2024-21946 was published Nov 12, 2024

Incorrect default permissions in the AMD RyzenTM Master monitoring SDK installation directory... High Unreviewed

CVE-2024-21945 was published Nov 12, 2024

Incorrect default permissions in the AMD Management Console installation directory could allow an... High Unreviewed

CVE-2024-21957 was published Nov 12, 2024

Incorrect default permissions in the AMD Cloud Manageability Service (ACMS) Software installation... High Unreviewed

CVE-2024-21939 was published Nov 12, 2024

SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to... Moderate Unreviewed

CVE-2024-47593 was published Nov 12, 2024

upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows... Critical Unreviewed

CVE-2024-51567 was published Oct 30, 2024

Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func... Critical Unreviewed

CVE-2023-27195 was published Nov 8, 2024

The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any... High Unreviewed

CVE-2024-36063 was published Nov 8, 2024

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

906 advisories