Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,474
Erlang
33
GitHub Actions
24
Go
2,203
Maven
5,000+
npm
3,845
NuGet
696
pip
3,635
Pub
12
RubyGems
911
Rust
912
Swift
38
Unreviewed advisories
All unreviewed
5,000+

586 advisories

Loading
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic... High Unreviewed
CVE-2023-46870 was published May 14, 2024
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to... High Unreviewed
CVE-2024-34474 was published May 5, 2024
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions... High Unreviewed
CVE-2023-7235 was published Feb 21, 2024
Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52545 was published Apr 8, 2024
The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution... High Unreviewed
CVE-2023-50975 was published Feb 21, 2024
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers... High Unreviewed
CVE-2023-43984 was published Nov 8, 2023
NNM failed to properly set ACLs on its installation directory, which could allow a low... High Unreviewed
CVE-2023-5623 was published Oct 26, 2023
Incorrect Default Permissions in Cobbler High
CVE-2021-45083 was published for cobbler (pip) Feb 21, 2022
tdunlap607
Mautic Sensitive Data Exposure due to inadequate user permission settings High
CVE-2022-25776 was published for mautic/core (Composer) Apr 12, 2024
lenonleite
Django Incorrect Default Permissions High
CVE-2020-24583 was published for Django (pip) Mar 18, 2021
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The... High Unreviewed
CVE-2024-8533 was published Sep 12, 2024
JSNAPy allows unprivileged local users to alter files under the directory High
CVE-2018-0023 was published for jsnapy (pip) Jul 12, 2018
Incorrect Default Permissions in keyring High
CVE-2012-5577 was published for keyring (pip) Mar 11, 2020
Incorrect Default Permissions in keyring High
CVE-2012-5578 was published for keyring (pip) Mar 10, 2020
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks High
CVE-2020-9543 was published for manila (pip) May 24, 2022
Duplicate Advisory: Apiman has insufficient checks for read permissions High
GHSA-54r5-wr8x-x5v3 was published for io.apiman:apiman-manager-api-rest-impl (Maven) Dec 20, 2022 withdrawn
msavy
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before... High Unreviewed
CVE-2024-9167 was published Oct 8, 2024
In multiple locations, there is a possible permission bypass due to a confused deputy. This could... High Unreviewed
CVE-2024-40654 was published Sep 11, 2024
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2024-49389 was published Oct 17, 2024
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has... High Unreviewed
CVE-2024-0833 was published Jan 31, 2024
rtslib-fb weak permissions for /etc/target/saveconfig.json file High
CVE-2020-14019 was published for rtslib-fb (pip) May 24, 2022
Insecure Permissions issue in Raiden Professional Server RaidenFTPD v.2.4 build 4005 allows a... High Unreviewed
CVE-2023-38960 was published Feb 14, 2024
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers... High Unreviewed
CVE-2024-7587 was published Oct 23, 2024
Incorrect default permissions in the Intel(R) SUR for Gameplay Software before version 2.0.1901... High Unreviewed
CVE-2023-40154 was published Oct 23, 2024
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions... High Unreviewed
CVE-2024-9947 was published Oct 23, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database