GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,975
Composer 4,874
Erlang 37
GitHub Actions 36
Go 2,520
Maven 5,970
npm 4,160
NuGet 741
pip 3,961
Pub 12
RubyGems 946
Rust 1,028
Swift 39

Unreviewed advisories

All unreviewed 270,923

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

508 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of... Moderate Unreviewed

CVE-2022-4575 was published Oct 30, 2023

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux... Moderate Unreviewed

CVE-2023-45690 was published Oct 16, 2023

A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in... Moderate Unreviewed

CVE-2023-4065 was published Sep 27, 2023

Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed

CVE-2023-5042 was published Sep 20, 2023

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4... Moderate Unreviewed

CVE-2022-3466 was published Sep 15, 2023

A permissions issue was addressed with improved redaction of sensitive information. This issue is... Moderate Unreviewed

CVE-2023-34352 was published Sep 6, 2023

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an... Moderate Unreviewed

CVE-2023-2737 was published Aug 16, 2023

Incorrect default permissions in the Intel(R) Support android application before version v23.02... Moderate Unreviewed

CVE-2023-27392 was published Aug 11, 2023

A vulnerability exists by allowing low-privileged users to read and update the data in various... Moderate Unreviewed

CVE-2023-3323 was published Jul 24, 2023

Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis... Moderate Unreviewed

CVE-2023-38335 was published Jul 20, 2023

Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for... Moderate Unreviewed

CVE-2023-38334 was published Jul 20, 2023

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command... Moderate Unreviewed

CVE-2023-22931 was published Jul 6, 2023

Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows... Moderate Unreviewed

CVE-2023-21513 was published Jun 28, 2023

A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent... Moderate Unreviewed

CVE-2023-30902 was published Jun 27, 2023

The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and... Moderate Unreviewed

CVE-2023-32399 was published Jun 23, 2023

A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5,... Moderate Unreviewed

CVE-2023-32407 was published Jun 23, 2023

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS... Moderate Unreviewed

CVE-2023-32404 was published Jun 23, 2023

A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged... Moderate Unreviewed

CVE-2023-23344 was published Jun 23, 2023

An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0... Moderate Unreviewed

CVE-2022-33877 was published Jun 13, 2023

Insecure permissions in the ps_customer table of Prestashop scquickaccounting before v3.7.3... Moderate Unreviewed

CVE-2023-30281 was published May 16, 2023

Jenkins SAML Single Sign On(SSO) Plugin missing permission checks Moderate

CVE-2023-32996 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023

Jenkins AppSpider Plugin missing permission check Moderate

CVE-2023-32999 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 16, 2023

In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local... Moderate Unreviewed

CVE-2023-21104 was published May 16, 2023

A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura... Moderate Unreviewed

CVE-2023-28192 was published May 8, 2023

A valid, authenticated XCC user with read-only permissions can modify custom user roles on other... Moderate Unreviewed

CVE-2023-29058 was published Apr 28, 2023

Previous 1…8…21 Next

Previous 1 2 … 6 7 8 9 10 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

508 advisories