Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,984
npm
3,523
NuGet
611
pip
3,098
Pub
10
RubyGems
834
Rust
784
Swift
34
Unreviewed advisories
All unreviewed
5,000+

862 advisories

Loading
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-43629 was published May 16, 2024
Incorrect default permissions in some Endurance Gaming Mode software installers before version 1... Moderate Unreviewed
CVE-2023-42433 was published May 16, 2024
nfpm has incorrect default permissions High
CVE-2023-32698 was published for github.com/goreleaser/nfpm (Go) May 24, 2023
oCHRISo caarlos0
djgilcrease
Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed
CVE-2023-27305 was published Nov 14, 2023
Kaminari Insecure File Permissions Vulnerability Moderate
CVE-2024-32978 was published for kaminari (RubyGems) May 28, 2024
G-Rath
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The... High Unreviewed
CVE-2023-31468 was published Sep 11, 2023
Microsoft Defender Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-20671 was published Mar 12, 2024
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated... High Unreviewed
CVE-2024-37038 was published Jun 12, 2024
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34012 was published Jun 14, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Low Unreviewed
CVE-2019-14861 was published May 24, 2022
Incorrect Default Permissions vulnerability in Hitachi Storage Provider for VMware vCenter allows... Moderate Unreviewed
CVE-2024-22385 was published Jun 25, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information... Moderate Unreviewed
CVE-2023-38368 was published Jun 27, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain... Moderate Unreviewed
CVE-2024-35139 was published Jun 28, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,... High Unreviewed
CVE-2024-4679 was published Jul 2, 2024
Incorrect Default Permissions, Improper Preservation of Permissions vulnerability in Hitachi Ops... Moderate Unreviewed
CVE-2024-2819 was published Jul 2, 2024
Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre... High Unreviewed
CVE-2023-38295 was published Apr 22, 2024
An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file... High Unreviewed
CVE-2022-48685 was published Apr 28, 2024
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version... Low Unreviewed
CVE-2024-32368 was published Apr 22, 2024
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. High Unreviewed
CVE-2024-34455 was published May 3, 2024
Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and... Moderate Unreviewed
CVE-2024-23847 was published May 31, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27148 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27150 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API