GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,934
Maven
5,000+
npm
3,668
NuGet
642
pip
3,287
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
400 advisories
Filter by severity
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before...
High
Unreviewed
CVE-2024-9167
was published
Oct 8, 2024
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
NNM failed to properly set ACLs on its installation directory, which could allow a low...
High
Unreviewed
CVE-2023-5623
was published
Oct 26, 2023
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers...
High
Unreviewed
CVE-2023-43984
was published
Nov 8, 2023
The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution...
High
Unreviewed
CVE-2023-50975
was published
Feb 21, 2024
Vulnerability of undefined permissions in the Calendar app.
Impact: Successful exploitation of...
High
Unreviewed
CVE-2023-52545
was published
Apr 8, 2024
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions...
High
Unreviewed
CVE-2023-7235
was published
Feb 21, 2024
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to...
High
Unreviewed
CVE-2024-34474
was published
May 5, 2024
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic...
High
Unreviewed
CVE-2023-46870
was published
May 14, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High
Unreviewed
CVE-2024-42062
was published
Aug 7, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo...
High
Unreviewed
CVE-2024-4763
was published
Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and...
High
Unreviewed
CVE-2024-2175
was published
Aug 16, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to...
High
Unreviewed
CVE-2023-31349
was published
Aug 13, 2024
In da, there is a possible permission bypass due to a missing permission check. This could lead...
High
Unreviewed
CVE-2024-20005
was published
Mar 4, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory...
High
Unreviewed
CVE-2024-43114
was published
Aug 6, 2024
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with...
High
Unreviewed
CVE-2024-42053
was published
Jul 28, 2024
Untrusted Search Path, Incorrect Default Permissions vulnerability in Cato Networks SDP Client on...
High
Unreviewed
CVE-2024-6974
was published
Jul 31, 2024
Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and...
High
Unreviewed
CVE-2024-36541
was published
Jul 24, 2024
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on...
High
Unreviewed
CVE-2024-3904
was published
Jul 4, 2024
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass...
High
Unreviewed
CVE-2013-0632
was published
May 17, 2022
Under certain circumstances the Software House C●CURE 9000 Site Server provides insufficient...
High
Unreviewed
CVE-2024-32861
was published
Jul 16, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an...
High
Unreviewed
CVE-2024-36495
was published
Jun 24, 2024
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to...
High
Unreviewed
CVE-2024-4030
was published
May 7, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python...
High
Unreviewed
CVE-2024-27171
was published
Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several...
High
Unreviewed
CVE-2024-27167
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API