Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
SpiceDB exclusions can result in no permission returned when permission expected Low
CVE-2024-38361 was published for github.com/authzed/spicedb (Go) Jun 20, 2024
`docker cp` allows unexpected chmod of host files in Moby Docker Engine Low
CVE-2021-41089 was published for github.com/docker/docker (Go) Jun 10, 2024
LevanaXr ssst0n3
Authelia's Group Changes may not have the expected results (YAML file backend) Low
GHSA-x883-2vmg-xwf7 was published for github.com/authelia/authelia/v4 (Go) Apr 22, 2024
ezrizhu
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get... Low Unreviewed
CVE-2024-22177 was published Apr 2, 2024
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows... Low Unreviewed
CVE-2023-30735 was published Oct 4, 2023
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc Low
CVE-2023-25809 was published for github.com/opencontainers/runc (Go) Mar 30, 2023
AkihiroSuda
Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an... Low Unreviewed
CVE-2022-31237 was published Aug 23, 2022
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ... Low Unreviewed
CVE-2021-20263 was published May 24, 2022
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS... Low Unreviewed
CVE-2019-0073 was published May 24, 2022
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x... Low Unreviewed
CVE-2013-6335 was published May 13, 2022
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world... Low Unreviewed
CVE-2001-0195 was published Apr 30, 2022
It's possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macro Low
CVE-2021-21379 was published for org.xwiki.platform:xwiki-platform-rendering-wikimacro-store (Maven) Mar 23, 2021
ProTip! Advisories are also available from the GraphQL API