GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
425 advisories

Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate, Unreviewed: CVE-2023-5042 was published Sep 20, 2023

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4...
Moderate, Unreviewed: CVE-2022-3466 was published Sep 15, 2023

A permissions issue was addressed with improved redaction of sensitive information. This issue is...
Moderate, Unreviewed: CVE-2023-34352 was published Sep 6, 2023

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an...
Moderate, Unreviewed: CVE-2023-2737 was published Aug 16, 2023

Incorrect default permissions in the Intel(R) Support android application before version v23.02...
Moderate, Unreviewed: CVE-2023-27392 was published Aug 11, 2023

A vulnerability exists by allowing low-privileged users to read and update the data in various...
Moderate, Unreviewed: CVE-2023-3323 was published Jul 24, 2023

Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for...
Moderate, Unreviewed: CVE-2023-38334 was published Jul 20, 2023

Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis...
Moderate, Unreviewed: CVE-2023-38335 was published Jul 20, 2023

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command...
Moderate, Unreviewed: CVE-2023-22931 was published Jul 6, 2023

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows...
Moderate, Unreviewed: CVE-2023-21513 was published Jun 28, 2023

A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent...
Moderate, Unreviewed: CVE-2023-30902 was published Jun 27, 2023

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS...
Moderate, Unreviewed: CVE-2023-32404 was published Jun 23, 2023

A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5,...
Moderate, Unreviewed: CVE-2023-32407 was published Jun 23, 2023

The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and...
Moderate, Unreviewed: CVE-2023-32399 was published Jun 23, 2023

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged...
Moderate, Unreviewed: CVE-2023-23344 was published Jun 23, 2023

An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0...
Moderate, Unreviewed: CVE-2022-33877 was published Jun 13, 2023

Jenkins SAML Single Sign On(SSO) Plugin missing permission checks
Moderate: CVE-2023-32996 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023

Jenkins AppSpider Plugin missing permission check
Moderate: CVE-2023-32999 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 16, 2023

In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local...
Moderate, Unreviewed: CVE-2023-21104 was published May 16, 2023

A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura...
Moderate, Unreviewed: CVE-2023-28192 was published May 8, 2023

A valid, authenticated XCC user with read-only permissions can modify custom user roles on other...
Moderate, Unreviewed: CVE-2023-29058 was published Apr 28, 2023

PowerJob vulnerable to Insecure Permissions
Moderate: CVE-2023-29923 was published for tech.powerjob:powerjob (Maven) Apr 19, 2023

tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate: CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023

tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate: CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023

cilium-agent container can access the host via `hostPath` mount
Moderate: CVE-2023-27593 was published for github.com/cilium/cilium (Go) Mar 17, 2023