Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,614
NuGet
638
pip
3,225
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,124 advisories

Loading
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities Moderate
CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
AndrewGMorgan
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3... Moderate Unreviewed
CVE-2024-22334 was published Apr 12, 2024
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed
CVE-2023-4228 was published Aug 24, 2023
Vulnerability of improper permission management in the displayengine module. Successful... Moderate Unreviewed
CVE-2023-41295 was published Sep 25, 2023
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART... High Unreviewed
CVE-2018-20007 was published May 24, 2022
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows... Moderate Unreviewed
CVE-2023-34797 was published Jun 15, 2023
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for... High Unreviewed
CVE-2020-36154 was published May 24, 2022
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows... High Unreviewed
CVE-2019-14935 was published May 24, 2022
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions. Moderate Unreviewed
CVE-2022-43309 was published Apr 7, 2023
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels... Moderate Unreviewed
CVE-2021-3631 was published Mar 4, 2022
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect... High Unreviewed
CVE-2023-46449 was published Oct 26, 2023
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To... High Unreviewed
CVE-2023-40361 was published Oct 20, 2023
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of... Moderate Unreviewed
CVE-2023-44201 was published Oct 13, 2023
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities... High Unreviewed
CVE-2023-32724 was published Oct 12, 2023
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1... Moderate Unreviewed
CVE-2023-45364 was published Oct 9, 2023
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed
CVE-2023-45369 was published Oct 9, 2023
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi... High Unreviewed
CVE-2023-20254 was published Sep 27, 2023
Broadcast permission control vulnerability in the framework module. Successful exploitation of... Moderate Unreviewed
CVE-2023-4565 was published Sep 27, 2023
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows... High Unreviewed
CVE-2023-4665 was published Sep 15, 2023
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected... High Unreviewed
CVE-2023-38557 was published Sep 14, 2023
An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier... Moderate Unreviewed
CVE-2023-4777 was published Sep 8, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5... High Unreviewed
CVE-2023-3915 was published Sep 1, 2023
Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033... Moderate Unreviewed
CVE-2023-34391 was published Aug 31, 2023
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or... High Unreviewed
CVE-2023-40754 was published Aug 28, 2023
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file High Unreviewed
CVE-2023-4332 was published Aug 15, 2023
ProTip! Advisories are also available from the GraphQL API