Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
738
pip
3,959
Pub
12
RubyGems
946
Rust
1,027
Swift
39
Unreviewed advisories
All unreviewed
5,000+

508 advisories

Loading
Liferay Portal and Liferay DXP Allows Templates to be Viewed via the UI or API Moderate
CVE-2024-25605 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 20, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2024-20921 was published Feb 17, 2024
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS... Moderate Unreviewed
CVE-2023-49721 was published Feb 15, 2024
Pkg Local Privilege Escalation Moderate
CVE-2024-24828 was published for pkg (npm) Feb 9, 2024
TomiBelan
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions... Moderate Unreviewed
CVE-2024-22430 was published Feb 1, 2024
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023... Moderate Unreviewed
CVE-2023-29081 was published Jan 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo... Moderate Unreviewed
CVE-2024-22301 was published Jan 24, 2024
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed
CVE-2022-4964 was published Jan 24, 2024
A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID... Moderate Unreviewed
CVE-2024-0770 was published Jan 22, 2024
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for... Moderate Unreviewed
CVE-2023-29244 was published Jan 19, 2024
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning... Moderate Unreviewed
CVE-2023-6457 was published Jan 16, 2024
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y... Moderate Unreviewed
CVE-2024-23301 was published Jan 13, 2024
[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT]. Moderate Unreviewed
CVE-2022-45793 was published Jan 10, 2024
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows... Moderate Unreviewed
CVE-2023-5536 was published Dec 12, 2023
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow... Moderate Unreviewed
CVE-2023-28870 was published Dec 9, 2023
Permission management vulnerability in the module for disabling Sound Booster. Successful... Moderate Unreviewed
CVE-2023-6273 was published Dec 6, 2023
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials... Moderate Unreviewed
CVE-2023-40076 was published Dec 5, 2023
Apache Superset has Incorrect Default Permissions Moderate
CVE-2023-42501 was published for apache-superset (pip) Nov 27, 2023
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is... Moderate Unreviewed
CVE-2023-6302 was published Nov 27, 2023
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default... Moderate Unreviewed
CVE-2023-43081 was published Nov 22, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information... Moderate Unreviewed
CVE-2023-42774 was published Nov 20, 2023
Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows... Moderate Unreviewed
CVE-2023-47335 was published Nov 16, 2023
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may... Moderate Unreviewed
CVE-2023-32638 was published Nov 14, 2023
Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed
CVE-2023-27305 was published Nov 14, 2023
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,... Moderate Unreviewed
CVE-2023-4091 was published Nov 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database