GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
In exported content providers of ShannonRcs, there is a possible way to get access to protected...
Moderate · Unreviewed · CVE-2023-20923 was published Jan 26, 2023

Dentsply Sirona Sidexis <= 4.3 is vulnerable to Incorrect Access Control.
High · Unreviewed · CVE-2022-44263 was published Jan 27, 2023

Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote...
High · Unreviewed · CVE-2022-44715 was published Jan 27, 2023

Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users...
Moderate · Unreviewed · CVE-2022-37708 was published Feb 1, 2023

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could...
High · Unreviewed · CVE-2022-42972 was published Feb 1, 2023

In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x...
Moderate · Unreviewed · CVE-2023-22326 was published Feb 1, 2023

Insecure Permissions issue in jeecg-boot
High · CVE-2021-37304 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) · Feb 3, 2023

Insecure Permissions issue in jeecg-boot
High · CVE-2021-37306 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) · Feb 3, 2023

Insecure Permissions issue in jeecg-boot
High · CVE-2021-37305 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) · Feb 3, 2023

Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration...
Moderate · Unreviewed · CVE-2022-21939 was published Feb 9, 2023

An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a...
High · Unreviewed · CVE-2021-3172 was published Feb 17, 2023

Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password...
High · Unreviewed · CVE-2022-44216 was published Feb 20, 2023

Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability...
Critical · Unreviewed · CVE-2023-24205 was published Feb 24, 2023

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06...
High · Unreviewed · CVE-2022-45552 was published Mar 3, 2023

Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lower
Low · CVE-2023-23939 was published for Azure/setup-kubectl (GitHub Actions) · Mar 7, 2023

Permissions vulnerability found in isoftforce Dreamer CMS v.4.0.1 allows local attackers to...
Moderate · Unreviewed · CVE-2023-27084 was published Mar 16, 2023

Exposure of Sensitive Information in OpenGoofy Hippo4j
Moderate · CVE-2023-27095 was published for cn.hippo4j:hippo4j-core (Maven) · Mar 16, 2023

The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 has a flawed CSRF and...
Moderate · Unreviewed · CVE-2022-4148 was published Mar 20, 2023

tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate · CVE-2022-3146 was published for tripleo-ansible (pip) · Mar 23, 2023

tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate · CVE-2022-3101 was published for tripleo-ansible (pip) · Mar 23, 2023

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could set...
High · Unreviewed · CVE-2023-1135 was published Mar 27, 2023

Hippo4j allows attacker to obtain sensitive info via ConfigVerifyController function of Tenant Management module
Moderate · CVE-2023-27096 was published for cn.hippo4j:hippo4j-all (Maven) · Mar 27, 2023

RoboDK versions 5.5.3 and prior contain an insecure permission assignment to critical directories...
High · Unreviewed · CVE-2023-1516 was published Mar 28, 2023

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2,...
High · Unreviewed · CVE-2022-43773 was published Apr 3, 2023

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but...
Moderate · Unreviewed · CVE-2023-0225 was published Apr 4, 2023