GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,960
Composer 4,873
Erlang 37
GitHub Actions 36
Go 2,520
Maven 5,961
npm 4,160
NuGet 738
pip 3,959
Pub 12
RubyGems 946
Rust 1,027
Swift 39

Unreviewed advisories

All unreviewed 270,837

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,205 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by... High Unreviewed

CVE-2018-19592 was published May 24, 2022

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18... High Unreviewed

CVE-2019-3689 was published May 24, 2022

Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use... High Unreviewed

CVE-2019-9679 was published May 24, 2022

The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated... High Unreviewed

CVE-2019-16106 was published May 24, 2022

In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions. High Unreviewed

CVE-2019-16186 was published May 24, 2022

In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries... High Unreviewed

CVE-2019-16185 was published May 24, 2022

In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions. Moderate Unreviewed

CVE-2019-16183 was published May 24, 2022

WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for... Moderate Unreviewed

CVE-2019-15716 was published May 24, 2022

A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby... High Unreviewed

CVE-2019-7588 was published May 24, 2022

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions,... Moderate Unreviewed

CVE-2018-7822 was published May 24, 2022

D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions. Critical Unreviewed

CVE-2022-28932 was published May 24, 2022

Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers... High Unreviewed

CVE-2022-28999 was published May 24, 2022

Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install... High Unreviewed

CVE-2022-29376 was published May 24, 2022

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network... High Unreviewed

CVE-2022-0997 was published May 18, 2022

Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of... High Unreviewed

CVE-2022-0486 was published May 18, 2022

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed

CVE-2014-7302 was published May 17, 2022

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... Moderate Unreviewed

CVE-2014-7301 was published May 17, 2022

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed

CVE-2014-7303 was published May 17, 2022

plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak... Moderate Unreviewed

CVE-2010-4176 was published May 17, 2022

administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass... High Unreviewed

CVE-2013-0632 was published May 17, 2022

Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes... Moderate Unreviewed

CVE-2022-30375 was published May 14, 2022

Air Cargo Management System v1.0 is vulnerable to file deletion via /acms/classes/Master.php?f... Moderate Unreviewed

CVE-2022-30367 was published May 14, 2022

A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM... Moderate Unreviewed

CVE-2018-9085 was published May 13, 2022

An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of... High Unreviewed

CVE-2018-7535 was published May 13, 2022

Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may... High Unreviewed

CVE-2018-12175 was published May 13, 2022

Previous 1…42…49 Next

Previous 1 2 … 40 41 42 43 44 … 48 49 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,205 advisories