Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,149 advisories

Loading
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow... High Unreviewed
CVE-2023-28658 was published Aug 11, 2023
Insecure permissions exist for configd.socket in OPNsense before 23.7. High Unreviewed
CVE-2023-39005 was published Aug 9, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp. High Unreviewed
CVE-2023-39003 was published Aug 9, 2023
Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow... Critical Unreviewed
CVE-2023-39004 was published Aug 9, 2023
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected... High Unreviewed
CVE-2022-39062 was published Aug 8, 2023
An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows... Moderate Unreviewed
CVE-2023-38991 was published Aug 4, 2023
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types... High Unreviewed
CVE-2023-20216 was published Aug 4, 2023
Cargo not respecting umask when extracting crate archives High
CVE-2023-38497 was published for cargo (Rust) Aug 3, 2023
addisoncrump pietroalbini
weihanglo ehuss cuviper Manishearth
A vulnerability exists by allowing low-privileged users to read and update the data in various... High Unreviewed
CVE-2023-3322 was published Jul 24, 2023
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted... High Unreviewed
CVE-2023-28133 was published Jul 23, 2023
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing... High Unreviewed
CVE-2023-33990 was published Jul 11, 2023
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions... High Unreviewed
CVE-2023-35870 was published Jul 11, 2023
Apache InLong vulnerable to Incorrect Permission Assignment for Critical Resource High
CVE-2023-31454 was published for org.apache.inlong:manager-service (Maven) Jul 6, 2023
Apache InLong Incorrect Permission Assignment for Critical Resource Vulnerability High
CVE-2023-31453 was published for org.apache.inlong:manager-service (Maven) Jul 6, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE... High Unreviewed
CVE-2022-43946 was published Jul 6, 2023
No access control for the OTP key   on OTP entries in Devolutions Remote Desktop Manager... Moderate Unreviewed
CVE-2023-1939 was published Jul 6, 2023
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions. High Unreviewed
CVE-2022-44719 was published Jun 29, 2023
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an... High Unreviewed
CVE-2023-37237 was published Jun 29, 2023
Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An... Moderate Unreviewed
CVE-2023-35799 was published Jun 27, 2023
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL... Moderate Unreviewed
CVE-2023-35800 was published Jun 27, 2023
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows... High Unreviewed
CVE-2023-29860 was published Jun 23, 2023
Apache Tomcat vulnerable to information leak High
CVE-2023-34981 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 21, 2023
sunSUNQ westonsteimel
Default permissions for a properties file were too permissive. Local system users could read... Low Unreviewed
CVE-2023-26427 was published Jun 20, 2023
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of... High Unreviewed
CVE-2023-34154 was published Jun 16, 2023
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows... Moderate Unreviewed
CVE-2023-34797 was published Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database