Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

245 advisories

Loading
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2024-44211 was published Dec 20, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes... Unknown Unreviewed
CVE-2024-56317 was published Dec 19, 2024
A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2024-54465 was published Dec 12, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app... Moderate Unreviewed
CVE-2024-54484 was published Dec 12, 2024
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2... High Unreviewed
CVE-2024-54515 was published Dec 12, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11... Moderate Unreviewed
CVE-2024-54513 was published Dec 12, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... Moderate Unreviewed
CVE-2024-50924 was published Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... Moderate Unreviewed
CVE-2024-50929 was published Dec 10, 2024
An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code. High Unreviewed
CVE-2024-50930 was published Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... Moderate Unreviewed
CVE-2024-50928 was published Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... High Unreviewed
CVE-2024-50920 was published Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers... Moderate Unreviewed
CVE-2024-50921 was published Dec 10, 2024
Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions. Moderate Unreviewed
CVE-2024-50931 was published Dec 10, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed
CVE-2024-41645 was published Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... High Unreviewed
CVE-2024-41650 was published Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... High Unreviewed
CVE-2024-41648 was published Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed
CVE-2024-41646 was published Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed
CVE-2024-41644 was published Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed
CVE-2024-41649 was published Dec 7, 2024
The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed... High Unreviewed
CVE-2024-37575 was published Dec 4, 2024
Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion Moderate
CVE-2024-43784 was published for github.com/treeverse/lakefs (Go) Nov 26, 2024
N-o-Z
Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata Moderate
CVE-2024-52522 was published for github.com/rclone/rclone (Go) Nov 19, 2024
hakong ncw
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or ... High Unreviewed
CVE-2024-10458 was published Oct 29, 2024
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated... Moderate Unreviewed
CVE-2024-9333 was published Oct 2, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44188 was published Sep 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database