GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
84 advisories
Filter by severity
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows...
Critical
Unreviewed
CVE-2024-24117
was published
Oct 2, 2024
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead...
Critical
Unreviewed
CVE-2024-10018
was published
Oct 16, 2024
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,...
Critical
Unreviewed
CVE-2023-40622
was published
Sep 13, 2023
Improper permission configurationDomain configuration vulnerability of the mobile application ...
Critical
Unreviewed
CVE-2024-8039
was published
Sep 16, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All...
Critical
Unreviewed
CVE-2024-41171
was published
Sep 10, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue...
Critical
Unreviewed
CVE-2024-3375
was published
Apr 29, 2024
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user...
Critical
Unreviewed
CVE-2024-5163
was published
Jun 17, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics...
Critical
Unreviewed
CVE-2024-5618
was published
Jul 18, 2024
Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi...
Critical
Unreviewed
CVE-2024-33435
was published
Apr 29, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical
Unreviewed
CVE-2024-33499
was published
May 14, 2024
Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow...
Critical
Unreviewed
CVE-2023-39004
was published
Aug 9, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on...
Critical
Unreviewed
CVE-2023-0834
was published
Apr 28, 2023
Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability....
Critical
Unreviewed
CVE-2019-8071
was published
May 24, 2022
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable...
Critical
Unreviewed
CVE-2019-11526
was published
May 24, 2022
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on...
Critical
Unreviewed
CVE-2018-20871
was published
May 24, 2022
Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:...
Critical
Unreviewed
CVE-2019-1010101
was published
May 24, 2022
DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote...
Critical
Unreviewed
CVE-2019-1010009
was published
May 24, 2022
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
Critical
Unreviewed
CVE-2018-14916
was published
May 24, 2022
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com...
Critical
Unreviewed
CVE-2018-10171
was published
May 24, 2022
ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client...
Critical
Unreviewed
CVE-2012-2087
was published
Apr 23, 2022
Kentico 11 through 12 lets attackers upload and explore files without authentication via the...
Critical
Unreviewed
CVE-2019-12102
was published
May 24, 2022
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform...
Critical
Unreviewed
CVE-2024-21915
was published
Feb 16, 2024
Request to LDAP is sent before user permissions are checked.
Critical
Unreviewed
CVE-2023-32723
was published
Oct 12, 2023
Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on...
Critical
Unreviewed
CVE-2023-6593
was published
Dec 12, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the...
Critical
Unreviewed
CVE-2023-46141
was published
Dec 14, 2023
ProTip!
Advisories are also available from the
GraphQL API