GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
368 advisories
Filter by severity
Insecure permission vulnerability in /hrm/leaverequest.php in SourceCodester Human Resource...
Moderate
Unreviewed
CVE-2024-34223
was published
May 14, 2024
Local privilege escalation due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2024-34011
was published
Apr 29, 2024
Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre...
Moderate
Unreviewed
CVE-2023-38294
was published
Apr 22, 2024
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances...
Moderate
Unreviewed
CVE-2024-29967
was published
Apr 19, 2024
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes...
Moderate
Unreviewed
CVE-2024-29962
was published
Apr 19, 2024
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved...
Moderate
Unreviewed
CVE-2024-21615
was published
Apr 12, 2024
Permission verification vulnerability in the lock screen module.
Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2023-52717
was published
Apr 7, 2024
Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder...
Moderate
Unreviewed
CVE-2024-25958
was published
Mar 26, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The...
Moderate
Unreviewed
CVE-2024-22085
was published
Mar 20, 2024
BMC Control-M branches 9.0.20 and 9.0.21 upon user login load all Dynamic Link Libraries (DLL) ...
Moderate
Unreviewed
CVE-2024-1605
was published
Mar 18, 2024
Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0...
Moderate
Unreviewed
CVE-2023-28389
was published
Mar 14, 2024
Microsoft Defender Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-20671
was published
Mar 12, 2024
A permissions issue was addressed to help ensure Personas are always protected This issue is...
Moderate
Unreviewed
CVE-2024-23295
was published
Mar 8, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2024-23201
was published
Mar 8, 2024
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a...
Moderate
Unreviewed
CVE-2024-26302
was published
Feb 28, 2024
Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate
Unreviewed
CVE-2023-48678
was published
Feb 27, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1,...
Moderate
Unreviewed
CVE-2023-42953
was published
Feb 21, 2024
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and...
Moderate
Unreviewed
CVE-2024-25605
was published
Feb 20, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Moderate
Unreviewed
CVE-2024-20921
was published
Feb 17, 2024
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS...
Moderate
Unreviewed
CVE-2023-49721
was published
Feb 15, 2024
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions...
Moderate
Unreviewed
CVE-2024-22430
was published
Feb 1, 2024
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023...
Moderate
Unreviewed
CVE-2023-29081
was published
Jan 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo...
Moderate
Unreviewed
CVE-2024-22301
was published
Jan 24, 2024
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio...
Moderate
Unreviewed
CVE-2022-4964
was published
Jan 24, 2024
A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID...
Moderate
Unreviewed
CVE-2024-0770
was published
Jan 22, 2024
ProTip!
Advisories are also available from the
GraphQL API