Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

425 advisories

Loading
Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2023-48678 was published Feb 27, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1,... Moderate Unreviewed
CVE-2023-42953 was published Feb 21, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2024-20921 was published Feb 17, 2024
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS... Moderate Unreviewed
CVE-2023-49721 was published Feb 15, 2024
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x contains an incorrect default permissions... Moderate Unreviewed
CVE-2024-22430 was published Feb 1, 2024
A vulnerability has been reported in Suite Setups built with versions prior to InstallShield 2023... Moderate Unreviewed
CVE-2023-29081 was published Jan 26, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo... Moderate Unreviewed
CVE-2024-22301 was published Jan 24, 2024
Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio... Moderate Unreviewed
CVE-2022-4964 was published Jan 24, 2024
A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID... Moderate Unreviewed
CVE-2024-0770 was published Jan 22, 2024
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for... Moderate Unreviewed
CVE-2023-29244 was published Jan 19, 2024
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning... Moderate Unreviewed
CVE-2023-6457 was published Jan 16, 2024
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y... Moderate Unreviewed
CVE-2024-23301 was published Jan 13, 2024
[PROBLEMTYPE] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT]. Moderate Unreviewed
CVE-2022-45793 was published Jan 10, 2024
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows... Moderate Unreviewed
CVE-2023-5536 was published Dec 12, 2023
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow... Moderate Unreviewed
CVE-2023-28870 was published Dec 9, 2023
Permission management vulnerability in the module for disabling Sound Booster. Successful... Moderate Unreviewed
CVE-2023-6273 was published Dec 6, 2023
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials... Moderate Unreviewed
CVE-2023-40076 was published Dec 5, 2023
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is... Moderate Unreviewed
CVE-2023-6302 was published Nov 27, 2023
PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default... Moderate Unreviewed
CVE-2023-43081 was published Nov 22, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information... Moderate Unreviewed
CVE-2023-42774 was published Nov 20, 2023
Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows... Moderate Unreviewed
CVE-2023-47335 was published Nov 16, 2023
Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may... Moderate Unreviewed
CVE-2023-32638 was published Nov 14, 2023
Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed
CVE-2023-27305 was published Nov 14, 2023
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,... Moderate Unreviewed
CVE-2023-4091 was published Nov 3, 2023
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of... Moderate Unreviewed
CVE-2022-4575 was published Oct 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database