GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,934
Maven
5,000+
npm
3,668
NuGet
642
pip
3,287
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
425 advisories
Filter by severity
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before...
High
Unreviewed
CVE-2024-9167
was published
Oct 8, 2024
Duplicate Advisory: Apiman has insufficient checks for read permissions
High
GHSA-54r5-wr8x-x5v3
was published
for
io.apiman:apiman-manager-api-rest-impl
(Maven)
Dec 20, 2022
•
withdrawn
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks
High
CVE-2020-9543
was published
for
manila
(pip)
May 24, 2022
Incorrect Default Permissions in keyring
High
CVE-2012-5578
was published
for
keyring
(pip)
Mar 10, 2020
Incorrect Default Permissions in keyring
High
CVE-2012-5577
was published
for
keyring
(pip)
Mar 11, 2020
JSNAPy allows unprivileged local users to alter files under the directory
High
CVE-2018-0023
was published
for
jsnapy
(pip)
Jul 12, 2018
Django Incorrect Default Permissions
High
CVE-2020-24584
was published
for
django
(pip)
Mar 18, 2021
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The...
High
Unreviewed
CVE-2024-8533
was published
Sep 12, 2024
Django Incorrect Default Permissions
High
CVE-2020-24583
was published
for
Django
(pip)
Mar 18, 2021
Mautic Sensitive Data Exposure due to inadequate user permission settings
High
CVE-2022-25776
was published
for
mautic/core
(Composer)
Apr 12, 2024
Incorrect Default Permissions in Cobbler
High
CVE-2021-45083
was published
for
cobbler
(pip)
Feb 21, 2022
NNM failed to properly set ACLs on its installation directory, which could allow a low...
High
Unreviewed
CVE-2023-5623
was published
Oct 26, 2023
Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers...
High
Unreviewed
CVE-2023-43984
was published
Nov 8, 2023
The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution...
High
Unreviewed
CVE-2023-50975
was published
Feb 21, 2024
Vulnerability of undefined permissions in the Calendar app.
Impact: Successful exploitation of...
High
Unreviewed
CVE-2023-52545
was published
Apr 8, 2024
The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions...
High
Unreviewed
CVE-2023-7235
was published
Feb 21, 2024
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to...
High
Unreviewed
CVE-2024-34474
was published
May 5, 2024
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic...
High
Unreviewed
CVE-2023-46870
was published
May 14, 2024
Improper Preservation of Permissions in xxl-job
High
CVE-2024-42681
was published
for
com.xuxueli:xxl-job-core
(Maven)
Aug 15, 2024
CloudStack account-users by default use username and password based authentication for API and UI...
High
Unreviewed
CVE-2024-42062
was published
Aug 7, 2024
An insecure driver vulnerability was reported in Lenovo Display Control Center (LDCC) and Lenovo...
High
Unreviewed
CVE-2024-4763
was published
Aug 16, 2024
An insecure permissions vulnerability was reported in Lenovo Display Control Center (LDCC) and...
High
Unreviewed
CVE-2024-2175
was published
Aug 16, 2024
Incorrect default permissions in the AMD μProf installation directory could allow an attacker to...
High
Unreviewed
CVE-2023-31349
was published
Aug 13, 2024
In da, there is a possible permission bypass due to a missing permission check. This could lead...
High
Unreviewed
CVE-2024-20005
was published
Mar 4, 2024
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory...
High
Unreviewed
CVE-2024-43114
was published
Aug 6, 2024
ProTip!
Advisories are also available from the
GraphQL API