GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
217 advisories
Filter by severity
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force...
High
Unreviewed
CVE-2023-25646
was published
Jun 20, 2024
`docker cp` allows unexpected chmod of host files in Moby Docker Engine
Low
CVE-2021-41089
was published
for
github.com/docker/docker
(Go)
Jun 10, 2024
When installing Nessus Agent to a directory outside of the default location on a Windows host,...
High
Unreviewed
CVE-2024-3291
was published
May 17, 2024
When installing Nessus to a directory outside of the default location on a Windows host, Nessus...
High
Unreviewed
CVE-2024-3289
was published
May 17, 2024
Grafana folders admin only permission privilege escalation
High
CVE-2022-36062
was published
for
github.com/grafana/grafana
(Go)
May 14, 2024
Broken Access Control vulnerability in ReviewX.This issue affects ReviewX: from n/a through 1.6...
Moderate
Unreviewed
CVE-2024-33921
was published
May 3, 2024
Quarkus: security checks in resteasy reactive may trigger a denial of service
Moderate
CVE-2024-1726
was published
for
io.quarkus.resteasy.reactive:resteasy-reactive
(Maven)
Apr 25, 2024
Authelia's Group Changes may not have the expected results (YAML file backend)
Low
GHSA-x883-2vmg-xwf7
was published
for
github.com/authelia/authelia/v4
(Go)
Apr 22, 2024
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when...
Moderate
Unreviewed
CVE-2024-23560
was published
Apr 15, 2024
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop...
Moderate
Unreviewed
CVE-2024-3545
was published
Apr 9, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get...
Low
Unreviewed
CVE-2024-22177
was published
Apr 2, 2024
Apache Airflow Improper Preservation of Permissions vulnerability
Moderate
CVE-2024-29735
was published
for
apache-airflow
(pip)
Mar 26, 2024
Anope before 2.0.15 does not prevent resetting the password of a suspended account.
Moderate
Unreviewed
CVE-2024-30187
was published
Mar 25, 2024
Apache Airflow: Ignored Airflow Permission
Moderate
CVE-2024-28746
was published
for
apache-airflow
(pip)
Mar 14, 2024
Jenkins Bitbucket Branch Source Plugin has incorrect trust policy behavior for pull requests
Moderate
CVE-2024-28152
was published
for
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source
(Maven)
Mar 6, 2024
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through...
Moderate
Unreviewed
CVE-2024-21816
was published
Mar 4, 2024
An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL...
Moderate
Unreviewed
CVE-2023-49932
was published
Feb 29, 2024
Missing permission checks on Hazelcast client protocol
High
CVE-2023-45859
was published
for
com.hazelcast:hazelcast
(Maven)
Feb 27, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory
Moderate
CVE-2021-41091
was published
for
github.com/docker/docker
(Go)
Jan 31, 2024
Improper Preservation of Permissions in etcd
Moderate
CVE-2020-15113
was published
for
github.com/etcd-io/etcd
(Go)
Jan 30, 2024
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,...
Moderate
Unreviewed
CVE-2024-0674
was published
Jan 30, 2024
Insufficient macro permission validation of The Document Foundation LibreOffice allows an...
High
Unreviewed
CVE-2023-6186
was published
Dec 11, 2023
Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote...
Critical
Unreviewed
CVE-2023-47463
was published
Nov 30, 2023
Improperly calculated effective permissions in M-Files Server versions 23.9 and 23.10 and 23.11...
Moderate
Unreviewed
CVE-2023-6239
was published
Nov 28, 2023
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write...
High
Unreviewed
CVE-2023-43612
was published
Nov 20, 2023
ProTip!
Advisories are also available from the
GraphQL API