Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,388 advisories

Loading
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks High
CVE-2023-32992 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
Jenkins Tag Profiler Plugin missing permission check Moderate
CVE-2023-33004 was published for org.jenkins-ci.plugins:tag-profiler (Maven) May 16, 2023
Jenkins Email Extension Plugin missing permission check Moderate
CVE-2023-32979 was published for org.jenkins-ci.plugins:email-ext (Maven) May 16, 2023
OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation... High Unreviewed
CVE-2023-31871 was published May 18, 2023
The window management module lacks permission verification.Successful exploitation of this... High Unreviewed
CVE-2023-1692 was published May 20, 2023
When Akka HTTP before 10.5.2 accepts file uploads via the FileUploadDirectives.fileUploadAll... Moderate Unreviewed
CVE-2023-33251 was published May 21, 2023
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local... High Unreviewed
CVE-2023-31748 was published May 24, 2023
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via... High Unreviewed
CVE-2023-31874 was published May 29, 2023
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x... Moderate Unreviewed
CVE-2022-41766 was published May 29, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote... High Unreviewed
CVE-2023-28346 was published May 31, 2023
Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS)... High Unreviewed
CVE-2023-28399 was published Jun 1, 2023
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,... Low Unreviewed
CVE-2023-32114 was published Jun 13, 2023
Sensitive Cookie Without 'HttpOnly' Flag vulnerability in ABB REX640 PCL1 (firmware modules), ABB... Moderate Unreviewed
CVE-2023-2876 was published Jun 13, 2023
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected... High Unreviewed
CVE-2023-30897 was published Jun 13, 2023
A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70).... Moderate Unreviewed
CVE-2023-31238 was published Jun 13, 2023
Insecure Temporary File in HuTool High
CVE-2023-33695 was published for cn.hutool:hutool-core (Maven) Jun 13, 2023
Arbitrary file read vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-35147 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Jun 14, 2023
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a... High Unreviewed
CVE-2022-33163 was published Jun 15, 2023
PublicCMS <=V4.0.202302 is vulnerable to Insecure Permissions. Critical Unreviewed
CVE-2023-34852 was published Jun 15, 2023
In multiple files, there is a possible way to access traces in the dev mode due to a permissions... Moderate Unreviewed
CVE-2023-21142 was published Jun 15, 2023
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows... Moderate Unreviewed
CVE-2023-34797 was published Jun 15, 2023
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of... High Unreviewed
CVE-2023-34154 was published Jun 16, 2023
Default permissions for a properties file were too permissive. Local system users could read... Low Unreviewed
CVE-2023-26427 was published Jun 20, 2023
Apache Tomcat vulnerable to information leak High
CVE-2023-34981 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 21, 2023
sunSUNQ westonsteimel
Credited to sunSUNQ and westonsteimel
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows... High Unreviewed
CVE-2023-29860 was published Jun 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database