GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,018 advisories
Filter by severity
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
High
Unreviewed
CVE-2023-4332
was published
Aug 15, 2023
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow...
High
Unreviewed
CVE-2023-28658
was published
Aug 11, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp.
High
Unreviewed
CVE-2023-39003
was published
Aug 9, 2023
Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow...
Critical
Unreviewed
CVE-2023-39004
was published
Aug 9, 2023
Insecure permissions exist for configd.socket in OPNsense before 23.7.
High
Unreviewed
CVE-2023-39005
was published
Aug 9, 2023
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected...
High
Unreviewed
CVE-2022-39062
was published
Aug 8, 2023
An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows...
Moderate
Unreviewed
CVE-2023-38991
was published
Aug 4, 2023
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types...
High
Unreviewed
CVE-2023-20216
was published
Aug 4, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3322
was published
Jul 24, 2023
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted...
High
Unreviewed
CVE-2023-28133
was published
Jul 23, 2023
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing...
High
Unreviewed
CVE-2023-33990
was published
Jul 11, 2023
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions...
High
Unreviewed
CVE-2023-35870
was published
Jul 11, 2023
No access control for the OTP key
on OTP entries
in Devolutions Remote Desktop Manager...
Moderate
Unreviewed
CVE-2023-1939
was published
Jul 6, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High
Unreviewed
CVE-2022-43946
was published
Jul 6, 2023
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.
High
Unreviewed
CVE-2022-44719
was published
Jun 29, 2023
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an...
High
Unreviewed
CVE-2023-37237
was published
Jun 29, 2023
Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An...
Moderate
Unreviewed
CVE-2023-35799
was published
Jun 27, 2023
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL...
Moderate
Unreviewed
CVE-2023-35800
was published
Jun 27, 2023
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows...
High
Unreviewed
CVE-2023-29860
was published
Jun 23, 2023
Default permissions for a properties file were too permissive. Local system users could read...
Low
Unreviewed
CVE-2023-26427
was published
Jun 20, 2023
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of...
High
Unreviewed
CVE-2023-34154
was published
Jun 16, 2023
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows...
Moderate
Unreviewed
CVE-2023-34797
was published
Jun 15, 2023
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a...
High
Unreviewed
CVE-2022-33163
was published
Jun 15, 2023
A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70)....
Moderate
Unreviewed
CVE-2023-31238
was published
Jun 13, 2023
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected...
High
Unreviewed
CVE-2023-30897
was published
Jun 13, 2023
ProTip!
Advisories are also available from the
GraphQL API