GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
99 advisories
Filter by severity
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
Moderate
Unreviewed
CVE-2024-44223
was published
Dec 20, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app...
Moderate
Unreviewed
CVE-2024-54484
was published
Dec 12, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11...
Moderate
Unreviewed
CVE-2024-54513
was published
Dec 12, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50924
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50929
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50928
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50921
was published
Dec 10, 2024
Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.
Moderate
Unreviewed
CVE-2024-50931
was published
Dec 10, 2024
Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion
Moderate
CVE-2024-43784
was published
for
github.com/treeverse/lakefs
(Go)
Nov 26, 2024
Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata
Moderate
CVE-2024-52522
was published
for
github.com/rclone/rclone
(Go)
Nov 19, 2024
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated...
Moderate
Unreviewed
CVE-2024-9333
was published
Oct 2, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44188
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-40831
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-40859
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-27858
was published
Sep 17, 2024
A non-admin user can change or remove important features within the Zabbix Agent application,...
Moderate
Unreviewed
CVE-2024-22121
was published
Aug 12, 2024
User with no permission to any of the Hosts can access and view host count & other statistics...
Moderate
Unreviewed
CVE-2024-22114
was published
Aug 12, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a...
Moderate
Unreviewed
CVE-2024-33892
was published
Aug 2, 2024
Potential vulnerabilities have been identified in the HP Display Control software component...
Moderate
Unreviewed
CVE-2024-29080
was published
Jul 19, 2024
SpiceDB exclusions can result in no permission returned when permission expected
Moderate
CVE-2024-38361
was published
for
github.com/authzed/spicedb
(Go)
Jun 20, 2024
Broken Access Control vulnerability in ReviewX.This issue affects ReviewX: from n/a through 1.6...
Moderate
Unreviewed
CVE-2024-33921
was published
May 3, 2024
Quarkus: security checks in resteasy reactive may trigger a denial of service
Moderate
CVE-2024-1726
was published
for
io.quarkus.resteasy.reactive:resteasy-reactive
(Maven)
Apr 25, 2024
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when...
Moderate
Unreviewed
CVE-2024-23560
was published
Apr 15, 2024
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop...
Moderate
Unreviewed
CVE-2024-3545
was published
Apr 9, 2024
Permission verification vulnerability in the system module.
Impact: Successful exploitation of...
Moderate
Unreviewed
CVE-2023-52542
was published
Apr 8, 2024
ProTip!
Advisories are also available from the
GraphQL API