GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,205
Erlang: 31
GitHub Actions: 19
Go: 1,986
Maven: 5,000+
npm: 3,703
NuGet: 661
pip: 3,329
Pub: 11
RubyGems: 884
Rust: 843
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
574 advisories
Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may...
High | Unreviewed | CVE-2022-46656 was published May 10, 2023
Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission...
High | Unreviewed | CVE-2023-28068 was published May 5, 2023
Apache Ranger Hive Plugin missing permissions check
High | CVE-2021-40331 was published for org.apache.ranger:ranger-hive-plugin (Maven) May 5, 2023
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows...
High | Unreviewed | CVE-2023-30399 was published May 4, 2023
An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote attackers to execute...
High | Unreviewed | CVE-2023-25438 was published May 4, 2023
Privilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to...
High | Unreviewed | CVE-2023-22294 was published Apr 18, 2023
An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos...
High | Unreviewed | CVE-2023-28960 was published Apr 18, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2,...
High | Unreviewed | CVE-2022-43773 was published Apr 3, 2023
RoboDK versions 5.5.3 and prior contain an insecure permission assignment to critical directories...
High | Unreviewed | CVE-2023-1516 was published Mar 28, 2023
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could set...
High | Unreviewed | CVE-2023-1135 was published Mar 27, 2023
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06...
High | Unreviewed | CVE-2022-45552 was published Mar 3, 2023
Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password...
High | Unreviewed | CVE-2022-44216 was published Feb 20, 2023
An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a...
High | Unreviewed | CVE-2021-3172 was published Feb 17, 2023
Insecure Permissions issue in jeecg-boot
High | CVE-2021-37305 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 3, 2023
Insecure Permissions issue in jeecg-boot
High | CVE-2021-37304 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 3, 2023
Insecure Permissions issue in jeecg-boot
High | CVE-2021-37306 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 3, 2023
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could...
High | Unreviewed | CVE-2022-42972 was published Feb 1, 2023
Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote...
High | Unreviewed | CVE-2022-44715 was published Jan 27, 2023
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to...
High | Unreviewed | CVE-2023-22592 was published Jan 18, 2023
Dell command configuration, version 4.8 and prior, contains improper folder permission when...
High | Unreviewed | CVE-2022-34457 was published Jan 18, 2023
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git...
High | Unreviewed | CVE-2022-38065 was published Dec 21, 2022
A vulnerability has been identified in Simcenter STAR-CCM+ (All versions). The affected...
High | Unreviewed | CVE-2022-43517 was published Dec 13, 2022
Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for...
High | Unreviewed | CVE-2022-46792 was published Dec 8, 2022
OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a...
High | Unreviewed | CVE-2022-44725 was published Nov 18, 2022
CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of...
High | Unreviewed | CVE-2022-45193 was published Nov 12, 2022
ProTip! Advisories are also available from the GraphQL API