Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

272 advisories

Loading
Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate... Critical Unreviewed
CVE-2024-36532 was published Jun 22, 2024
There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force... High Unreviewed
CVE-2023-25646 was published Jun 20, 2024
When installing Nessus Agent to a directory outside of the default location on a Windows host,... High Unreviewed
CVE-2024-3291 was published May 17, 2024
When installing Nessus to a directory outside of the default location on a Windows host, Nessus... High Unreviewed
CVE-2024-3289 was published May 17, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
Apache Airflow: Ignored Airflow Permission Moderate
CVE-2024-28746 was published for apache-airflow (pip) Mar 14, 2024
oscerd
Apache Airflow Improper Preservation of Permissions vulnerability Moderate
CVE-2024-29735 was published for apache-airflow (pip) Mar 26, 2024
Quarkus: security checks in resteasy reactive may trigger a denial of service Moderate
CVE-2024-1726 was published for io.quarkus.resteasy.reactive:resteasy-reactive (Maven) Apr 25, 2024
OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions Moderate
CVE-2022-44020 was published for sushy-tools (pip) Oct 30, 2022
Authelia's Group Changes may not have the expected results (YAML file backend) Low
GHSA-x883-2vmg-xwf7 was published for github.com/authelia/authelia/v4 (Go) Apr 22, 2024
ezrizhu
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local... High Unreviewed
CVE-2023-1386 was published Jul 24, 2023
A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before... High Unreviewed
CVE-2023-39902 was published Oct 17, 2023
Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows... Low Unreviewed
CVE-2023-30735 was published Oct 4, 2023
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory.... Moderate Unreviewed
CVE-2022-47637 was published Sep 13, 2023
IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper... High Unreviewed
CVE-2022-43910 was published Jul 19, 2023
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time... Moderate Unreviewed
CVE-2023-21249 was published Jul 13, 2023
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local... High Unreviewed
CVE-2023-0975 was published Jul 6, 2023
An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially... High Unreviewed
CVE-2022-4139 was published Jul 6, 2023
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables... Moderate Unreviewed
CVE-2023-2818 was published Jun 27, 2023
A valid, authenticated user with limited privileges may be able to use specifically crafted web... Moderate Unreviewed
CVE-2023-2993 was published Jun 26, 2023
If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a... High Unreviewed
CVE-2023-28161 was published Jun 2, 2023
Suprema BioStar 2 before 2022 Q4, v2.9.1 has Insecure Permissions. A vulnerability in the web... High Unreviewed
CVE-2023-31923 was published May 22, 2023
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64... Moderate Unreviewed
CVE-2019-20384 was published May 24, 2022
OX App Suite through 7.10.2 has Insecure Permissions. High Unreviewed
CVE-2019-14226 was published May 24, 2022
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without... Moderate Unreviewed
CVE-2019-14956 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database