GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,386 advisories
Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the...
Moderate | Unreviewed | CVE-2022-45301 was published Nov 29, 2022

Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the...
Moderate | Unreviewed | CVE-2022-45305 was published Nov 29, 2022

Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all...
Moderate | Unreviewed | CVE-2022-45306 was published Nov 29, 2022

Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the...
Moderate | Unreviewed | CVE-2022-45307 was published Nov 29, 2022

Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master...
Moderate | Unreviewed | CVE-2022-44280 was published Nov 23, 2022

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on...
Moderate | Unreviewed | CVE-2022-38461 was published Nov 18, 2022

OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a...
High | Unreviewed | CVE-2022-44725 was published Nov 18, 2022

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission...
Low | Unreviewed | CVE-2022-34314 was published Nov 15, 2022

CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of...
High | Unreviewed | CVE-2022-45193 was published Nov 12, 2022

Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1...
High | Unreviewed | CVE-2022-39883 was published Nov 10, 2022

Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022...
Low | Unreviewed | CVE-2022-39887 was published Nov 10, 2022

Local privilege escalation due to insecure folder permissions. The following products are...
High | Unreviewed | CVE-2022-44732 was published Nov 8, 2022

Local privilege escalation due to insecure folder permissions. The following products are...
High | Unreviewed | CVE-2022-44733 was published Nov 8, 2022

Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2022-44746 was published Nov 8, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on...
High | Unreviewed | CVE-2022-3258 was published Nov 4, 2022

A permissions issue existed. This issue was addressed with improved permission validation. This...
Moderate | Unreviewed | CVE-2022-42788 was published Nov 2, 2022

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1...
Moderate | Unreviewed | CVE-2022-32929 was published Nov 2, 2022

The Automox Agent before 40 on Windows incorrectly sets permissions on key files.
High | Unreviewed | CVE-2022-36122 was published Oct 21, 2022

An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS...
High | Unreviewed | CVE-2022-22248 was published Oct 18, 2022

74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change...
Moderate | Unreviewed | CVE-2022-41471 was published Oct 17, 2022

Improper access control in the GitLab CE/EE API affecting all versions starting from 12.8 before...
Moderate | Unreviewed | CVE-2022-3325 was published Oct 17, 2022

The default privileges for the running service Normand Service Manager in Beckman Coulter Remisol...
Moderate | Unreviewed | CVE-2022-26238 was published Oct 7, 2022

The default privileges for the running service Normand Remisol Advance Launcher in Beckman...
Moderate | Unreviewed | CVE-2022-26236 was published Oct 7, 2022

Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued
Low | CVE-2022-39284 was published for codeigniter4/framework (Composer) Oct 6, 2022

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement...
Moderate | Unreviewed | CVE-2022-2975 was published Oct 6, 2022