GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
583 advisories
Filter by severity
Insecure permissions exist for configd.socket in OPNsense before 23.7.
High
Unreviewed
CVE-2023-39005
was published
Aug 9, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp.
High
Unreviewed
CVE-2023-39003
was published
Aug 9, 2023
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected...
High
Unreviewed
CVE-2022-39062
was published
Aug 8, 2023
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types...
High
Unreviewed
CVE-2023-20216
was published
Aug 4, 2023
Cargo not respecting umask when extracting crate archives
High
CVE-2023-38497
was published
for
cargo
(Rust)
Aug 3, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3322
was published
Jul 24, 2023
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted...
High
Unreviewed
CVE-2023-28133
was published
Jul 23, 2023
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing...
High
Unreviewed
CVE-2023-33990
was published
Jul 11, 2023
When creating a journal entry template in SAP S/4HANA (Manage Journal Entry Template) - versions...
High
Unreviewed
CVE-2023-35870
was published
Jul 11, 2023
Apache InLong vulnerable to Incorrect Permission Assignment for Critical Resource
High
CVE-2023-31454
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Apache InLong Incorrect Permission Assignment for Critical Resource Vulnerability
High
CVE-2023-31453
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 6, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High
Unreviewed
CVE-2022-43946
was published
Jul 6, 2023
An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.
High
Unreviewed
CVE-2022-44719
was published
Jun 29, 2023
In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an...
High
Unreviewed
CVE-2023-37237
was published
Jun 29, 2023
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows...
High
Unreviewed
CVE-2023-29860
was published
Jun 23, 2023
Apache Tomcat vulnerable to information leak
High
CVE-2023-34981
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Jun 21, 2023
Vulnerability of undefined permissions in HUAWEI VR screen projection.Successful exploitation of...
High
Unreviewed
CVE-2023-34154
was published
Jun 16, 2023
IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a...
High
Unreviewed
CVE-2022-33163
was published
Jun 15, 2023
Insecure Temporary File in HuTool
High
CVE-2023-33695
was published
for
cn.hutool:hutool-core
(Maven)
Jun 13, 2023
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected...
High
Unreviewed
CVE-2023-30897
was published
Jun 13, 2023
Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS)...
High
Unreviewed
CVE-2023-28399
was published
Jun 1, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote...
High
Unreviewed
CVE-2023-28346
was published
May 31, 2023
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via...
High
Unreviewed
CVE-2023-31874
was published
May 29, 2023
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local...
High
Unreviewed
CVE-2023-31748
was published
May 24, 2023
The window management module lacks permission verification.Successful exploitation of this...
High
Unreviewed
CVE-2023-1692
was published
May 20, 2023
ProTip!
Advisories are also available from the
GraphQL API