GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
862 advisories
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may...
High, Unreviewed. CVE-2023-43629 was published May 16, 2024

Incorrect default permissions in some Endurance Gaming Mode software installers before version 1...
Moderate, Unreviewed. CVE-2023-42433 was published May 16, 2024

nfpm has incorrect default permissions
High. CVE-2023-32698 was published for github.com/goreleaser/nfpm (Go) May 24, 2023

Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows...
Moderate, Unreviewed. CVE-2023-27305 was published Nov 14, 2023

Kaminari Insecure File Permissions Vulnerability
Moderate. CVE-2024-32978 was published for kaminari (RubyGems) May 28, 2024

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The...
High, Unreviewed. CVE-2023-31468 was published Sep 11, 2023

Microsoft Defender Security Feature Bypass Vulnerability
Moderate, Unreviewed. CVE-2024-20671 was published Mar 12, 2024

CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated...
High, Unreviewed. CVE-2024-37038 was published Jun 12, 2024

Local privilege escalation due to insecure folder permissions. The following products are...
Moderate, Unreviewed. CVE-2024-34012 was published Jun 14, 2024

Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials
Low. GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 • withdrawn

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an...
Low, Unreviewed. CVE-2019-14861 was published May 24, 2022

Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows...
Moderate, Unreviewed. CVE-2024-22385 was published Jun 25, 2024

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could...
High, Unreviewed. CVE-2023-38370 was published Jun 27, 2024

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information...
Moderate, Unreviewed. CVE-2023-38368 was published Jun 27, 2024

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain...
Moderate, Unreviewed. CVE-2024-35139 was published Jun 28, 2024

Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Low. CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024

Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,...
High, Unreviewed. CVE-2024-4679 was published Jul 2, 2024

Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops...
Moderate, Unreviewed. CVE-2024-2819 was published Jul 2, 2024

Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre...
High, Unreviewed. CVE-2023-38295 was published Apr 22, 2024

An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file...
High, Unreviewed. CVE-2022-48685 was published Apr 28, 2024

Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version...
Low, Unreviewed. CVE-2024-32368 was published Apr 22, 2024

Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory.
High, Unreviewed. CVE-2024-34455 was published May 3, 2024

Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and...
Moderate, Unreviewed. CVE-2024-23847 was published May 31, 2024

The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High, Unreviewed. CVE-2024-27148 was published Jun 14, 2024

The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High, Unreviewed. CVE-2024-27150 was published Jun 14, 2024

ProTip! Advisories are also available from the GraphQL API