Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

351 advisories

Incorrect default permissions in some Endurance Gaming Mode software installers before version 1... Moderate Unreviewed
CVE-2023-42433 was published May 16, 2024
Incorrect default permissions in some onboard video driver software before version 1.14 for Intel... Moderate Unreviewed
CVE-2023-42668 was published May 16, 2024
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34011 was published Apr 29, 2024
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances... Moderate Unreviewed
CVE-2024-29967 was published Apr 19, 2024
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes... Moderate Unreviewed
CVE-2024-29962 was published Apr 19, 2024
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved... Moderate Unreviewed
CVE-2024-21615 was published Apr 12, 2024
Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder... Moderate Unreviewed
CVE-2024-25958 was published Mar 26, 2024
ROTP 6.2.2 and 6.2.1 has 0666 permissions for the .rb files. Moderate
CVE-2024-28862 was published for rotp (RubyGems) Mar 18, 2024
G-Rath
Incorrect default permissions in some Intel(R) CSME installer software before version 2328.5.5.0... Moderate Unreviewed
CVE-2023-28389 was published Mar 14, 2024
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users Moderate
CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024
oscerd sunSUNQ
Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2023-48678 was published Feb 27, 2024
The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and... Moderate Unreviewed
CVE-2024-25605 was published Feb 20, 2024
Pkg Local Privilege Escalation Moderate
CVE-2024-24828 was published for pkg (npm) Feb 9, 2024
TomiBelan
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions... Moderate Unreviewed
CVE-2024-22430 was published Feb 1, 2024
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023... Moderate Unreviewed
CVE-2023-29081 was published Jan 26, 2024
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed
CVE-2022-4964 was published Jan 24, 2024
A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID... Moderate Unreviewed
CVE-2024-0770 was published Jan 22, 2024
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for... Moderate Unreviewed
CVE-2023-29244 was published Jan 19, 2024
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning... Moderate Unreviewed
CVE-2023-6457 was published Jan 16, 2024
[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT]. Moderate Unreviewed
CVE-2022-45793 was published Jan 10, 2024
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows... Moderate Unreviewed
CVE-2023-5536 was published Dec 12, 2023
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow... Moderate Unreviewed
CVE-2023-28870 was published Dec 9, 2023
Apache Superset has Incorrect Default Permissions Moderate
CVE-2023-42501 was published for apache-superset (pip) Nov 27, 2023
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default... Moderate Unreviewed
CVE-2023-43081 was published Nov 22, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information... Moderate Unreviewed
CVE-2023-42774 was published Nov 20, 2023
ProTip! Advisories are also available from the GraphQL API