Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,984
npm
3,523
NuGet
611
pip
3,098
Pub
10
RubyGems
834
Rust
784
Swift
34
Unreviewed advisories
All unreviewed
5,000+

401 advisories

Loading
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the... High Unreviewed
CVE-2020-12695 was published May 24, 2022
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing... High Unreviewed
CVE-2023-23976 was published Apr 24, 2024
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks High
CVE-2020-9543 was published for manila (pip) May 24, 2022
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-24460 was published May 16, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-43629 was published May 16, 2024
nfpm has incorrect default permissions High
CVE-2023-32698 was published for github.com/goreleaser/nfpm (Go) May 24, 2023
oCHRISo caarlos0
djgilcrease
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The... High Unreviewed
CVE-2023-31468 was published Sep 11, 2023
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated... High Unreviewed
CVE-2024-37038 was published Jun 12, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,... High Unreviewed
CVE-2024-4679 was published Jul 2, 2024
Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre... High Unreviewed
CVE-2023-38295 was published Apr 22, 2024
An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file... High Unreviewed
CVE-2022-48685 was published Apr 28, 2024
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. High Unreviewed
CVE-2024-34455 was published May 3, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27149 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27148 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27150 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27151 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27152 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27153 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27155 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to... High Unreviewed
CVE-2024-4030 was published May 7, 2024
langchain_experimental Code Execution via Python REPL access High
CVE-2024-38459 was published for langchain-experimental (pip) Jun 16, 2024
ProTip! Advisories are also available from the GraphQL API