GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,974
Erlang: 29
GitHub Actions: 16
Go: 1,763
Maven: 4,988
npm: 3,525
NuGet: 615
pip: 3,099
Pub: 10
RubyGems: 834
Rust: 785
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
401 advisories
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the...
High | Unreviewed | CVE-2020-12695 was published May 24, 2022
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop...
High | Unreviewed | CVE-2023-27035 was published May 2, 2023
In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be...
High | Unreviewed | CVE-2022-30759 was published May 2, 2023
A valid XCC user's local account permissions overrides their active directory permissions under...
High | Unreviewed | CVE-2023-29057 was published Jul 6, 2023
Incorrect default permissions in the Intel(R) SCS Add-on software installer for Microsoft SCCM...
High | Unreviewed | CVE-2023-22440 was published May 10, 2023
On versions of Sage 300 2017 - 2022 (6.4.x - 6.9.x) which are set up in a "Windows Peer-to-Peer...
High | Unreviewed | CVE-2022-38583 was published Apr 28, 2023
A directory permissions management vulnerability in Lenovo System Update may allow elevation of...
High | Unreviewed | CVE-2022-4568 was published May 1, 2023
A vulnerability was reported in Elliptic Labs Virtual Lock Sensor for ThinkPad T14 Gen 3 that...
High | Unreviewed | CVE-2023-3112 was published Oct 25, 2023
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-35183 was published Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2023-35181 was published Oct 19, 2023
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an...
High | Unreviewed | CVE-2023-44194 was published Oct 13, 2023
A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo...
High | Unreviewed | CVE-2022-3431 was published Oct 9, 2023
Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows...
High | Unreviewed | CVE-2023-3440 was published Oct 3, 2023
Incorrect Default Permissions vulnerability due to incomplete fix to address CVE-2020-14496 in...
High | Unreviewed | CVE-2023-4088 was published Sep 20, 2023
Insecure default permissions in Wing FTP Server (Admin Web Client) allows for privilege...
High | Unreviewed | CVE-2023-37878 was published Sep 14, 2023
Dell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low...
High | Unreviewed | CVE-2023-32492 was published Aug 16, 2023
Incorrect default permissions in some Intel(R) RealSense(TM) SDKs in version 0.25.0 may allow an...
High | Unreviewed | CVE-2023-32663 was published Aug 11, 2023
Incorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before...
High | Unreviewed | CVE-2023-32547 was published Aug 11, 2023
Incorrect default permissions in the Intel(R) ITS software before version 3.1 may allow...
High | Unreviewed | CVE-2023-32543 was published Aug 11, 2023
Incorrect default permissions in some Intel(R) SDP Tool software before version 1.4 build 5 may...
High | Unreviewed | CVE-2023-31246 was published Aug 11, 2023
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software...
High | Unreviewed | CVE-2023-27505 was published Aug 11, 2023
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager...
High | Unreviewed | CVE-2020-36695 was published Jul 18, 2023
Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users...
High | Unreviewed | CVE-2023-32183 was published Jul 7, 2023
NGINX Management Suite default file permissions are set such that an authenticated attacker may...
High | Unreviewed | CVE-2023-28724 was published Jul 6, 2023
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to...
High | Unreviewed | CVE-2023-25645 was published Jun 16, 2023
ProTip! Advisories are also available from the GraphQL API