GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,149 advisories
Filter by severity
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow...
High
Unreviewed
CVE-2023-28658
was published
Aug 11, 2023
Insecure permissions exist for configd.socket in OPNsense before 23.7.
High
Unreviewed
CVE-2023-39005
was published
Aug 9, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp.
High
Unreviewed
CVE-2023-39003
was published
Aug 9, 2023
Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow...
Critical
Unreviewed
CVE-2023-39004
was published
Aug 9, 2023
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected...
High
Unreviewed
CVE-2022-39062
was published
Aug 8, 2023
An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows...
Moderate
Unreviewed
CVE-2023-38991
was published
Aug 4, 2023
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types...
High
Unreviewed
CVE-2023-20216
was published
Aug 4, 2023
Cargo not respecting umask when extracting crate archives
High
CVE-2023-38497
was published
for
cargo
(Rust)
Aug 3, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3322
was published
Jul 24, 2023
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted...
High
Unreviewed
CVE-2023-28133
was published
Jul 23, 2023
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing...
High
Unreviewed
CVE-2023-33990
was published
Jul 11, 2023
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions...
High
Unreviewed
CVE-2023-35870
was published
Jul 11, 2023
Apache InLong vulnerable to Incorrect Permission Assignment for Critical Resource
High
CVE-2023-31454
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Apache InLong Incorrect Permission Assignment for Critical Resource Vulnerability
High
CVE-2023-31453
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High
Unreviewed
CVE-2022-43946
was published
Jul 6, 2023
No access control for the OTP key
on OTP entries
in Devolutions Remote Desktop Manager...
Moderate
Unreviewed
CVE-2023-1939
was published
Jul 6, 2023
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.
High
Unreviewed
CVE-2022-44719
was published
Jun 29, 2023
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an...
High
Unreviewed
CVE-2023-37237
was published
Jun 29, 2023
Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An...
Moderate
Unreviewed
CVE-2023-35799
was published
Jun 27, 2023
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL...
Moderate
Unreviewed
CVE-2023-35800
was published
Jun 27, 2023
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows...
High
Unreviewed
CVE-2023-29860
was published
Jun 23, 2023
Apache Tomcat vulnerable to information leak
High
CVE-2023-34981
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Jun 21, 2023
Default permissions for a properties file were too permissive. Local system users could read...
Low
Unreviewed
CVE-2023-26427
was published
Jun 20, 2023
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of...
High
Unreviewed
CVE-2023-34154
was published
Jun 16, 2023
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows...
Moderate
Unreviewed
CVE-2023-34797
was published
Jun 15, 2023
ProTip!
Advisories are also available from the
GraphQL API