GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,336 advisories
Incorrect access control in the Forgot Your Password function of EMSigner v2.8.7 allows...
Critical | Unreviewed | CVE-2023-43902 was published Nov 14, 2023

A privilege escalation vulnerability was reported in Lenovo preloaded devices deployed using...
High | Unreviewed | CVE-2023-4706 was published Nov 9, 2023

Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers...
High | Unreviewed | CVE-2023-43984 was published Nov 8, 2023

Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability
High | Unreviewed | CVE-2023-41726 was published Nov 3, 2023

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,...
Moderate | Unreviewed | CVE-2023-4091 was published Nov 3, 2023

A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of...
Moderate | Unreviewed | CVE-2022-4575 was published Oct 30, 2023

NNM failed to properly set ACLs on its installation directory, which could allow a low...
High | Unreviewed | CVE-2023-5623 was published Oct 26, 2023

Insecure Permissions vulnerability in WenwenaiCMS v.1.0 allows a remote attacker to escalate...
High | Unreviewed | CVE-2023-45990 was published Oct 25, 2023

A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that...
High | Unreviewed | CVE-2023-3112 was published Oct 25, 2023

TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions...
Critical | Unreviewed | CVE-2022-42150 was published Oct 19, 2023

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-35183 was published Oct 19, 2023

The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-35181 was published Oct 19, 2023

TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the ...
Critical | Unreviewed | CVE-2023-27133 was published Oct 17, 2023

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux...
Moderate | Unreviewed | CVE-2023-45690 was published Oct 16, 2023

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an...
High | Unreviewed | CVE-2023-44194 was published Oct 13, 2023

A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo...
High | Unreviewed | CVE-2022-3431 was published Oct 9, 2023

Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows...
High | Unreviewed | CVE-2023-3440 was published Oct 3, 2023

Local privilege escalation due to insecure folder permissions. The following products are...
Low | Unreviewed | CVE-2023-44157 was published Sep 27, 2023

A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in...
Moderate | Unreviewed | CVE-2023-4065 was published Sep 27, 2023

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured...
Critical | Unreviewed | CVE-2022-4039 was published Sep 22, 2023

Withdrawn Advisory: Mobile Security Framework (MobSF) Vulnerable to Insecure Permissions
High | CVE-2023-42261 was published for mobsf (pip) Sep 22, 2023 • withdrawn

Jenkins temporary plugin file created with insecure permissions
High | CVE-2023-43496 was published for org.jenkins-ci.main:jenkins-core (Maven) Sep 20, 2023

Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2023-5042 was published Sep 20, 2023

Incorrect Default Permissions vulnerability due to incomplete fix to address CVE-2020-14496 in...
High | Unreviewed | CVE-2023-4088 was published Sep 20, 2023

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4...
Moderate | Unreviewed | CVE-2022-3466 was published Sep 15, 2023