GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,976
Erlang
29
GitHub Actions
16
Go
1,765
Maven
4,990
npm
3,534
NuGet
615
pip
3,103
Pub
10
RubyGems
837
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
380 advisories
Filter by severity
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an...
High
Unreviewed
CVE-2024-36495
was published
Jun 24, 2024
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to...
High
Unreviewed
CVE-2024-4030
was published
May 7, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on...
High
Unreviewed
CVE-2024-3904
was published
Jul 4, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python...
High
Unreviewed
CVE-2024-27171
was published
Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several...
High
Unreviewed
CVE-2024-27167
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27151
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27152
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27153
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27155
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27149
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27148
was published
Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker...
High
Unreviewed
CVE-2024-27150
was published
Jun 14, 2024
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory.
High
Unreviewed
CVE-2024-34455
was published
May 3, 2024
An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file...
High
Unreviewed
CVE-2022-48685
was published
Apr 28, 2024
Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre...
High
Unreviewed
CVE-2023-38295
was published
Apr 22, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,...
High
Unreviewed
CVE-2024-4679
was published
Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could...
High
Unreviewed
CVE-2023-38370
was published
Jun 27, 2024
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated...
High
Unreviewed
CVE-2024-37038
was published
Jun 12, 2024
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The...
High
Unreviewed
CVE-2023-31468
was published
Sep 11, 2023
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may...
High
Unreviewed
CVE-2023-43629
was published
May 16, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may...
High
Unreviewed
CVE-2023-24460
was published
May 16, 2024
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing...
High
Unreviewed
CVE-2023-23976
was published
Apr 24, 2024
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the...
High
Unreviewed
CVE-2020-12695
was published
May 24, 2022
An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop...
High
Unreviewed
CVE-2023-27035
was published
May 2, 2023
In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be...
High
Unreviewed
CVE-2022-30759
was published
May 2, 2023
ProTip!
Advisories are also available from the
GraphQL API