Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,166 advisories

Loading
Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before... Moderate Unreviewed
CVE-2022-33898 was published Nov 14, 2023
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2... Moderate Unreviewed
CVE-2023-36633 was published Nov 14, 2023
An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security... Moderate Unreviewed
CVE-2023-47801 was published Nov 13, 2023
Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint... High Unreviewed
CVE-2023-28134 was published Nov 13, 2023
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in... Moderate Unreviewed
CVE-2023-5136 was published Nov 8, 2023
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine... Moderate Unreviewed
CVE-2023-3282 was published Nov 8, 2023
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect... High Unreviewed
CVE-2023-46449 was published Oct 26, 2023
A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2023-42861 was published Oct 25, 2023
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource Critical Unreviewed
CVE-2023-42489 was published Oct 25, 2023
Incorrect Permission Assignment for Critical Resource in GitHub Enterprise Server that allowed... Unknown Unreviewed
CVE-2023-23767 was published Oct 25, 2023
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To... High Unreviewed
CVE-2023-40361 was published Oct 20, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability... High Unreviewed
CVE-2023-34437 was published Oct 19, 2023
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of... Moderate Unreviewed
CVE-2023-44201 was published Oct 13, 2023
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities... High Unreviewed
CVE-2023-32724 was published Oct 12, 2023
Request to LDAP is sent before user permissions are checked. Critical Unreviewed
CVE-2023-32723 was published Oct 12, 2023
A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The... High Unreviewed
CVE-2023-45205 was published Oct 10, 2023
A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application... High Unreviewed
CVE-2022-30527 was published Oct 10, 2023
A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The... Moderate Unreviewed
CVE-2023-38640 was published Oct 10, 2023
Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0... High Unreviewed
CVE-2023-42189 was published Oct 10, 2023
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed
CVE-2023-45369 was published Oct 9, 2023
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1... Moderate Unreviewed
CVE-2023-45364 was published Oct 9, 2023
Decidim has broken access control in templates High
CVE-2023-36465 was published for decidim (RubyGems) Oct 5, 2023
andreslucena
Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability High
CVE-2023-5077 was published for github.com/hashicorp/vault (Go) Sep 29, 2023
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi... High Unreviewed
CVE-2023-20254 was published Sep 27, 2023
Broadcast permission control vulnerability in the framework module. Successful exploitation of... Moderate Unreviewed
CVE-2023-4565 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database