GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
166 advisories
Filter by severity
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated...
Moderate
Unreviewed
CVE-2024-9333
was published
Oct 2, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-44188
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44149
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-40859
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-40831
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-40770
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-27858
was published
Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-27795
was published
Sep 17, 2024
User with no permission to any of the Hosts can access and view host count & other statistics...
Moderate
Unreviewed
CVE-2024-22114
was published
Aug 12, 2024
A non-admin user can change or remove important features within the Zabbix Agent application,...
Moderate
Unreviewed
CVE-2024-22121
was published
Aug 12, 2024
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin...
High
Unreviewed
CVE-2024-23464
was published
Aug 6, 2024
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a...
Moderate
Unreviewed
CVE-2024-33892
was published
Aug 2, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, macOS...
High
Unreviewed
CVE-2024-40828
was published
Jul 30, 2024
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-40821
was published
Jul 30, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 10...
High
Unreviewed
CVE-2024-40805
was published
Jul 30, 2024
This issue was addressed through improved state management. This issue is fixed in watchOS 10.6,...
High
Unreviewed
CVE-2024-40824
was published
Jul 30, 2024
An input validation issue was addressed with improved input validation. This issue is fixed in...
High
Unreviewed
CVE-2024-40800
was published
Jul 30, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. An app...
High
Unreviewed
CVE-2024-40811
was published
Jul 30, 2024
A permissions issue was addressed by removing vulnerable code and adding additional checks. This...
High
Unreviewed
CVE-2024-27888
was published
Jul 30, 2024
Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate...
Critical
Unreviewed
CVE-2024-36532
was published
Jun 22, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force...
High
Unreviewed
CVE-2023-25646
was published
Jun 20, 2024
When installing Nessus Agent to a directory outside of the default location on a Windows host,...
High
Unreviewed
CVE-2024-3291
was published
May 17, 2024
When installing Nessus to a directory outside of the default location on a Windows host, Nessus...
High
Unreviewed
CVE-2024-3289
was published
May 17, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get...
Low
Unreviewed
CVE-2024-22177
was published
Apr 2, 2024
Anope before 2.0.15 does not prevent resetting the password of a suspended account.
Moderate
Unreviewed
CVE-2024-30187
was published
Mar 25, 2024
ProTip!
Advisories are also available from the
GraphQL API