Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

832 advisories

Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed
CVE-2022-4964 was published Jan 24, 2024
A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID... Moderate Unreviewed
CVE-2024-0770 was published Jan 22, 2024
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for... Moderate Unreviewed
CVE-2023-29244 was published Jan 19, 2024
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions... High Unreviewed
CVE-2024-22428 was published Jan 16, 2024
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning... Moderate Unreviewed
CVE-2023-6457 was published Jan 16, 2024
[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT]. Moderate Unreviewed
CVE-2022-45793 was published Jan 10, 2024
Insecure Permissions vulnerability in fit2cloud Cloud Explorer Lite version 1.4.1, allow local... High Unreviewed
CVE-2023-50612 was published Jan 6, 2024
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows... Moderate Unreviewed
CVE-2023-5536 was published Dec 12, 2023
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow... Moderate Unreviewed
CVE-2023-28870 was published Dec 9, 2023
Permission management vulnerability in the PMS module. Successful exploitation of this... Critical Unreviewed
CVE-2023-46773 was published Dec 6, 2023
Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to... High Unreviewed
CVE-2023-37572 was published Dec 5, 2023
Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker... Critical Unreviewed
CVE-2023-47462 was published Nov 29, 2023
Apache Superset has Incorrect Default Permissions Moderate
CVE-2023-42501 was published for apache-superset (pip) Nov 27, 2023
In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11... High Unreviewed
CVE-2023-47250 was published Nov 22, 2023
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default... Moderate Unreviewed
CVE-2023-43081 was published Nov 22, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or... High Unreviewed
CVE-2023-3116 was published Nov 20, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information... Moderate Unreviewed
CVE-2023-42774 was published Nov 20, 2023
IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation... High Unreviewed
CVE-2023-40363 was published Nov 18, 2023
Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows... Moderate Unreviewed
CVE-2023-47335 was published Nov 16, 2023
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may... Moderate Unreviewed
CVE-2023-32638 was published Nov 14, 2023
Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed
CVE-2023-27305 was published Nov 14, 2023
A privilege escalation vulnerability was reported in Lenovo preloaded devices deployed using... High Unreviewed
CVE-2023-4706 was published Nov 9, 2023
Ivanti Avalanche Incorrect Default Permissions allows Local Privilege Escalation Vulnerability High Unreviewed
CVE-2023-41726 was published Nov 3, 2023
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,... Moderate Unreviewed
CVE-2023-4091 was published Nov 3, 2023
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of... Moderate Unreviewed
CVE-2022-4575 was published Oct 30, 2023
ProTip! Advisories are also available from the GraphQL API