GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 18,873
Composer 3,683
Erlang 29
GitHub Actions 16
Go 1,708
Maven 4,944
npm 3,473
NuGet 603
pip 2,995
Pub 10
RubyGems 826
Rust 773
Swift 34

Unreviewed advisories

All unreviewed 218,409

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

832 advisories

Filter by severity

Sort by

Least recently updated

Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed

CVE-2023-27305 was published Nov 14, 2023

nfpm has incorrect default permissions High

CVE-2023-32698 was published for github.com/goreleaser/nfpm (Go) May 24, 2023

Incorrect default permissions in some Endurance Gaming Mode software installers before version 1... Moderate Unreviewed

CVE-2023-42433 was published May 16, 2024

Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed

CVE-2023-43629 was published May 16, 2024

Incorrect default permissions in some onboard video driver software before version 1.14 for Intel... Moderate Unreviewed

CVE-2023-42668 was published May 16, 2024

Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed

CVE-2023-24460 was published May 16, 2024

On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to... Unknown Unreviewed

CVE-2024-4030 was published May 7, 2024

Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users Moderate

CVE-2024-26280 was published for apache-airflow (pip) Mar 1, 2024

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,... Moderate Unreviewed

CVE-2023-4091 was published Nov 3, 2023

Local privilege escalation due to insecure folder permissions. The following products are... Moderate Unreviewed

CVE-2024-34011 was published Apr 29, 2024

OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks High

CVE-2020-9543 was published for manila (pip) May 24, 2022

Dolibarr Stored Cross-site Scripting Moderate

CVE-2020-13240 was published for dolibarr/dolibarr (Composer) May 24, 2022

Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing... High Unreviewed

CVE-2023-23976 was published Apr 24, 2024

Drupal Core Access bypass vulnerability Moderate

CVE-2020-13667 was published for drupal/core (Composer) May 24, 2022

Incorrect Default Permissions in Beego Moderate

CVE-2019-16355 was published for github.com/astaxie/beego (Go) May 24, 2022

Information disclosure in the Contao backend Moderate

CVE-2019-19712 was published for contao/contao (Composer) Dec 17, 2019

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the... High Unreviewed

CVE-2020-12695 was published May 24, 2022

In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances... Moderate Unreviewed

CVE-2024-29967 was published Apr 19, 2024

Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes... Moderate Unreviewed

CVE-2024-29962 was published Apr 19, 2024

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved... Moderate Unreviewed

CVE-2024-21615 was published Apr 12, 2024

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop... High Unreviewed

CVE-2023-27035 was published May 2, 2023

In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be... High Unreviewed

CVE-2022-30759 was published May 2, 2023

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an... Moderate Unreviewed

CVE-2023-2737 was published Aug 16, 2023

A valid XCC user's local account permissions overrides their active directory permissions under... High Unreviewed

CVE-2023-29057 was published Jul 6, 2023

An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0... Moderate Unreviewed

CVE-2022-33877 was published Jun 13, 2023

Previous 1 2 3 4 5 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

832 advisories