GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
247 advisories
Filter by severity
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
High
Unreviewed
CVE-2024-44211
was published
Dec 20, 2024
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia...
Moderate
Unreviewed
CVE-2024-44223
was published
Dec 20, 2024
This issue was addressed with improved validation of the process entitlement and Team ID. This...
High
Unreviewed
CVE-2023-42867
was published
Dec 20, 2024
In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0, the WriteAcl function deletes...
Unknown
Unreviewed
CVE-2024-56317
was published
Dec 19, 2024
The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. An app...
Moderate
Unreviewed
CVE-2024-54484
was published
Dec 12, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 11...
Moderate
Unreviewed
CVE-2024-54513
was published
Dec 12, 2024
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2...
High
Unreviewed
CVE-2024-54515
was published
Dec 12, 2024
A logic issue was addressed with improved state management. This issue is fixed in macOS Sequoia...
Critical
Unreviewed
CVE-2024-54465
was published
Dec 12, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50924
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50929
was published
Dec 10, 2024
An issue in Silicon Labs Z-Wave Series 500 v6.84.0 allows attackers to execute arbitrary code.
High
Unreviewed
CVE-2024-50930
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50928
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
High
Unreviewed
CVE-2024-50920
was published
Dec 10, 2024
Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers...
Moderate
Unreviewed
CVE-2024-50921
was published
Dec 10, 2024
Silicon Labs Z-Wave Series 500 v6.84.0 was discovered to contain insecure permissions.
Moderate
Unreviewed
CVE-2024-50931
was published
Dec 10, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical
Unreviewed
CVE-2024-41645
was published
Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
High
Unreviewed
CVE-2024-41650
was published
Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical
Unreviewed
CVE-2024-41649
was published
Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
High
Unreviewed
CVE-2024-41648
was published
Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical
Unreviewed
CVE-2024-41644
was published
Dec 7, 2024
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v...
Critical
Unreviewed
CVE-2024-41646
was published
Dec 7, 2024
The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed...
High
Unreviewed
CVE-2024-37575
was published
Dec 4, 2024
Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion
Moderate
CVE-2024-43784
was published
for
github.com/treeverse/lakefs
(Go)
Nov 26, 2024
Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata
Moderate
CVE-2024-52522
was published
for
github.com/rclone/rclone
(Go)
Nov 19, 2024
A permission leak could have occurred from a trusted site to an untrusted site via `embed` or ...
High
Unreviewed
CVE-2024-10458
was published
Oct 29, 2024
ProTip!
Advisories are also available from the
GraphQL API