Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,964
Erlang
29
GitHub Actions
16
Go
1,746
Maven
4,974
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

355 advisories

Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34012 was published Jun 14, 2024
An attacker with admin access can install rogue applications. As for the affected products/models... Moderate Unreviewed
CVE-2024-27180 was published Jun 14, 2024
Microsoft Defender Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-20671 was published Mar 12, 2024
Kaminari Insecure File Permissions Vulnerability Moderate
CVE-2024-32978 was published for kaminari (RubyGems) May 28, 2024
G-Rath
Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed
CVE-2023-27305 was published Nov 14, 2023
Incorrect default permissions in some Endurance Gaming Mode software installers before version 1... Moderate Unreviewed
CVE-2023-42433 was published May 16, 2024
Incorrect default permissions in some onboard video driver software before version 1.14 for Intel... Moderate Unreviewed
CVE-2023-42668 was published May 16, 2024
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users Moderate
CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024
oscerd sunSUNQ
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,... Moderate Unreviewed
CVE-2023-4091 was published Nov 3, 2023
Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2024-34011 was published Apr 29, 2024
Dolibarr Stored Cross-site Scripting Moderate
CVE-2020-13240 was published for dolibarr/dolibarr (Composer) May 24, 2022
Drupal Core Access bypass vulnerability Moderate
CVE-2020-13667 was published for drupal/core (Composer) May 24, 2022
Incorrect Default Permissions in Beego Moderate
CVE-2019-16355 was published for github.com/astaxie/beego (Go) May 24, 2022
Information disclosure in the Contao backend Moderate
CVE-2019-19712 was published for contao/contao (Composer) Dec 17, 2019
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances... Moderate Unreviewed
CVE-2024-29967 was published Apr 19, 2024
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes... Moderate Unreviewed
CVE-2024-29962 was published Apr 19, 2024
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved... Moderate Unreviewed
CVE-2024-21615 was published Apr 12, 2024
Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an... Moderate Unreviewed
CVE-2023-2737 was published Aug 16, 2023
An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0... Moderate Unreviewed
CVE-2022-33877 was published Jun 13, 2023
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged... Moderate Unreviewed
CVE-2023-23344 was published Jun 23, 2023
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura... Moderate Unreviewed
CVE-2023-28192 was published May 8, 2023
A permissions issue was addressed with improved redaction of sensitive information. This issue is... Moderate Unreviewed
CVE-2023-34352 was published Sep 6, 2023
In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user... Moderate Unreviewed
CVE-2019-18367 was published May 24, 2022
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux... Moderate Unreviewed
CVE-2023-45690 was published Oct 16, 2023
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in... Moderate Unreviewed
CVE-2023-4065 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API