GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,056

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,388 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1... High Unreviewed

CVE-2022-39883 was published Nov 10, 2022

Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022... Low Unreviewed

CVE-2022-39887 was published Nov 10, 2022

CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of... High Unreviewed

CVE-2022-45193 was published Nov 12, 2022

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission... Low Unreviewed

CVE-2022-34314 was published Nov 15, 2022

Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on... Moderate Unreviewed

CVE-2022-38461 was published Nov 18, 2022

OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a... High Unreviewed

CVE-2022-44725 was published Nov 18, 2022

Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master... Moderate Unreviewed

CVE-2022-44280 was published Nov 23, 2022

Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the... Moderate Unreviewed

CVE-2022-45304 was published Nov 29, 2022

Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the... Moderate Unreviewed

CVE-2022-45301 was published Nov 29, 2022

Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the... Moderate Unreviewed

CVE-2022-45305 was published Nov 29, 2022

Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all... Moderate Unreviewed

CVE-2022-45306 was published Nov 29, 2022

Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the... Moderate Unreviewed

CVE-2022-45307 was published Nov 29, 2022

g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to... Moderate Unreviewed

CVE-2022-46338 was published Nov 30, 2022

ZTE OTCP product is impacted by a permission and access control vulnerability. Due to improper... Moderate Unreviewed

CVE-2022-23143 was published Dec 6, 2022

Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for... High Unreviewed

CVE-2022-46792 was published Dec 8, 2022

A vulnerability has been identified in Simcenter STAR-CCM+ (All versions). The affected... High Unreviewed

CVE-2022-43517 was published Dec 13, 2022

SilverStripe Subsite weakens file permissions Moderate

CVE-2022-42949 was published for silverstripe/subsites (Composer) Dec 19, 2022

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git... High Unreviewed

CVE-2022-38065 was published Dec 21, 2022

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master. Moderate Unreviewed

CVE-2022-4630 was published Dec 21, 2022

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed

CVE-2022-47927 was published Jan 12, 2023

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15... Moderate Unreviewed

CVE-2022-4365 was published Jan 12, 2023

EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has... Moderate Unreviewed

CVE-2022-39186 was published Jan 12, 2023

In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp. Moderate Unreviewed

CVE-2022-48257 was published Jan 13, 2023

Dell command configuration, version 4.8 and prior, contains improper folder permission when... High Unreviewed

CVE-2022-34457 was published Jan 18, 2023

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to... High Unreviewed

CVE-2023-22592 was published Jan 18, 2023

Previous 1…37…56 Next

Previous 1 2 … 35 36 37 38 39 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,388 advisories