Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,747
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
In the ebuild package through logcheck-1.3.23.ebuild for Logcheck on Gentoo, it is possible to... Critical Unreviewed
CVE-2017-20148 was published Sep 21, 2022
Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included... Critical Unreviewed
CVE-2022-28802 was published Sep 22, 2022
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer... Critical Unreviewed
CVE-2017-9602 was published May 13, 2022
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions... Critical Unreviewed
CVE-2017-6950 was published May 13, 2022
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions,... Critical Unreviewed
CVE-2025-25373 was published Mar 25, 2025
Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. Critical Unreviewed
CVE-2024-55959 was published Jan 21, 2025
Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-57520 was published Feb 6, 2025
The com.glitter.caller.screen (aka iCaller, Caller Theme & Dialer) application through 1.1 for... Critical Unreviewed
CVE-2024-53931 was published Jan 7, 2025
The com.remi.colorphone.callscreen.calltheme.callerscreen (aka Color Phone: Call Screen Theme)... Critical Unreviewed
CVE-2024-53932 was published Jan 7, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an... Critical Unreviewed
CVE-2024-38337 was published Jan 19, 2025
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform (Internet Communication... Critical Unreviewed
CVE-2025-0066 was published Jan 14, 2025
PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions. Critical Unreviewed
CVE-2023-34852 was published Jun 15, 2023
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v... Critical Unreviewed
CVE-2024-41647 was published Dec 7, 2024
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows... Critical Unreviewed
CVE-2024-24117 was published Oct 2, 2024
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
GHSA-x7xj-jvwp-97rv was published for github.com/rancher/rke2 (Go) Oct 25, 2024
Incorrect Permission Assignment for Critical Resource in Plone Critical
CVE-2021-33509 was published for Plone (pip) Jun 15, 2021
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead... Critical Unreviewed
CVE-2024-10018 was published Oct 16, 2024
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,... Critical Unreviewed
CVE-2023-40622 was published Sep 13, 2023
Koji hub call does not perform correct access checks Critical
CVE-2018-1002150 was published for koji (pip) Jul 12, 2018
Mercurial Incorrect Access Control vulnerability Critical
CVE-2018-1000132 was published for mercurial (pip) May 13, 2022
Improper permission configurationDomain configuration vulnerability of the mobile application ... Critical Unreviewed
CVE-2024-8039 was published Sep 16, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All... Critical Unreviewed
CVE-2024-41171 was published Sep 10, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed
CVE-2024-5163 was published Jun 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database