GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
529 advisories
Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password...
High | Unreviewed | CVE-2022-44216 was published Feb 20, 2023

An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a...
High | Unreviewed | CVE-2021-3172 was published Feb 17, 2023

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could...
High | Unreviewed | CVE-2022-42972 was published Feb 1, 2023

Improper File Permissions in NetScout nGeniusONE 6.3.2 build 904 allows authenticated remote...
High | Unreviewed | CVE-2022-44715 was published Jan 27, 2023

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to...
High | Unreviewed | CVE-2023-22592 was published Jan 18, 2023

Dell command configuration, version 4.8 and prior, contains improper folder permission when...
High | Unreviewed | CVE-2022-34457 was published Jan 18, 2023

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git...
High | Unreviewed | CVE-2022-38065 was published Dec 21, 2022

A vulnerability has been identified in Simcenter STAR-CCM+ (All versions). The affected...
High | Unreviewed | CVE-2022-43517 was published Dec 13, 2022

Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for...
High | Unreviewed | CVE-2022-46792 was published Dec 8, 2022

OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a...
High | Unreviewed | CVE-2022-44725 was published Nov 18, 2022

CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of...
High | Unreviewed | CVE-2022-45193 was published Nov 12, 2022

Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1...
High | Unreviewed | CVE-2022-39883 was published Nov 10, 2022

Local privilege escalation due to insecure folder permissions. The following products are...
High | Unreviewed | CVE-2022-44732 was published Nov 8, 2022

Local privilege escalation due to insecure folder permissions. The following products are...
High | Unreviewed | CVE-2022-44733 was published Nov 8, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on...
High | Unreviewed | CVE-2022-3258 was published Nov 4, 2022

The Automox Agent before 40 on Windows incorrectly sets permissions on key files.
High | Unreviewed | CVE-2022-36122 was published Oct 21, 2022

An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS...
High | Unreviewed | CVE-2022-22248 was published Oct 18, 2022

A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster...
High | Unreviewed | CVE-2022-2332 was published Sep 17, 2022

In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to...
High | Unreviewed | CVE-2022-20398 was published Sep 14, 2022

CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both...
High | Unreviewed | CVE-2022-37190 was published Sep 14, 2022

Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an...
High | Unreviewed | CVE-2022-37458 was published Sep 3, 2022

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6...
High | Unreviewed | CVE-2022-32777 was published Aug 23, 2022

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6...
High | Unreviewed | CVE-2022-32778 was published Aug 23, 2022

In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission...
High | Unreviewed | CVE-2022-20329 was published Aug 13, 2022

In Keyguard, there is a missing permission check. This could lead to local escalation of...
High | Unreviewed | CVE-2022-20274 was published Aug 13, 2022
ProTip! Advisories are also available from the GraphQL API.