GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
358 advisories
Filter by severity
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and...
Moderate
Unreviewed
CVE-2024-25605
was published
Feb 20, 2024
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure...
Moderate
Unreviewed
CVE-2001-0497
was published
Apr 30, 2022
Silverstripe has Incorrect Default Permissions
Moderate
CVE-2020-6165
was published
for
silverstripe/graphql
(Composer)
May 24, 2022
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2023-20043
was published
Jan 20, 2023
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions...
Moderate
Unreviewed
CVE-2024-22430
was published
Feb 1, 2024
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio...
Moderate
Unreviewed
CVE-2022-4964
was published
Jan 24, 2024
CSRF vulnerability in Jenkins Coverity Plugin allow capturing credentials
Moderate
CVE-2023-23848
was published
for
org.jenkins-ci.plugins:synopsys-coverity
(Maven)
Feb 15, 2023
Jenkins Build Step Plugin fails to check Item/Build permission
Moderate
CVE-2017-1000089
was published
for
org.jenkins-ci.plugins:pipeline-build-step
(Maven)
May 13, 2022
Missing permission checks in AWS Credentials Plugin
Moderate
CVE-2022-27199
was published
for
org.jenkins-ci.plugins:aws-credentials
(Maven)
Mar 16, 2022
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023...
Moderate
Unreviewed
CVE-2023-29081
was published
Jan 26, 2024
Incorrect Default Permissions in log4js
Moderate
CVE-2022-21704
was published
for
log4js
(npm)
Jan 21, 2022
An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows...
Moderate
Unreviewed
CVE-2020-8219
was published
May 24, 2022
A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID...
Moderate
Unreviewed
CVE-2024-0770
was published
Jan 22, 2024
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for...
Moderate
Unreviewed
CVE-2023-29244
was published
Jan 19, 2024
Moodle Incorrect Default Settings
Moderate
CVE-2011-4285
was published
for
moodle/moodle
(Composer)
May 13, 2022
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning...
Moderate
Unreviewed
CVE-2023-6457
was published
Jan 16, 2024
Magento incorrect permissions vulnerability in the Integrations component
Moderate
CVE-2020-24402
was published
for
magento/community-edition
(Composer)
May 24, 2022
[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT].
Moderate
Unreviewed
CVE-2022-45793
was published
Jan 10, 2024
Incorrect permission checks in Jenkins Support Core Plugin
Moderate
CVE-2022-45383
was published
for
org.jenkins-ci.plugins:support-core
(Maven)
Nov 16, 2022
Parameterized Trigger Plugin fails to check Item/Build permission
Moderate
CVE-2017-1000084
was published
for
org.jenkins-ci.plugins:parameterized-trigger
(Maven)
May 13, 2022
Moodle default permissions too permissive
Moderate
CVE-2012-1157
was published
for
moodle/moodle
(Composer)
Apr 23, 2022
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows...
Moderate
Unreviewed
CVE-2023-5536
was published
Dec 12, 2023
Jenkins Libvirt Slaves Plugin vlnerable to Incorrect Default Permissions
Moderate
CVE-2019-10472
was published
for
org.jenkins-ci.plugins:libvirt-slave
(Maven)
May 24, 2022
Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration
Moderate
CVE-2019-10473
was published
for
org.jenkins-ci.plugins:libvirt-slave
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API