GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,984
npm
3,523
NuGet
611
pip
3,098
Pub
10
RubyGems
834
Rust
784
Swift
34
Unreviewed advisories
All unreviewed
5,000+
401 advisories
Filter by severity
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the...
High
Unreviewed
CVE-2020-12695
was published
May 24, 2022
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing...
High
Unreviewed
CVE-2023-23976
was published
Apr 24, 2024
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks
High
CVE-2020-9543
was published
for
manila
(pip)
May 24, 2022
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may...
High
Unreviewed
CVE-2023-24460
was published
May 16, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may...
High
Unreviewed
CVE-2023-43629
was published
May 16, 2024
nfpm has incorrect default permissions
High
CVE-2023-32698
was published
for
github.com/goreleaser/nfpm
(Go)
May 24, 2023
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The...
High
Unreviewed
CVE-2023-31468
was published
Sep 11, 2023
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated...
High
Unreviewed
CVE-2024-37038
was published
Jun 12, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could...
High
Unreviewed
CVE-2023-38370
was published
Jun 27, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,...
High
Unreviewed
CVE-2024-4679
was published
Jul 2, 2024
Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre...
High
Unreviewed
CVE-2023-38295
was published
Apr 22, 2024
An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file...
High
Unreviewed
CVE-2022-48685
was published
Apr 28, 2024
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory.
High
Unreviewed
CVE-2024-34455
was published
May 3, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27149
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27148
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27150
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27151
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27152
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27153
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27155
was published
Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several...
High
Unreviewed
CVE-2024-27167
was published
Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python...
High
Unreviewed
CVE-2024-27171
was published
Jun 14, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on...
High
Unreviewed
CVE-2024-3904
was published
Jul 4, 2024
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to...
High
Unreviewed
CVE-2024-4030
was published
May 7, 2024
langchain_experimental Code Execution via Python REPL access
High
CVE-2024-38459
was published
for
langchain-experimental
(pip)
Jun 16, 2024
ProTip!
Advisories are also available from the
GraphQL API