GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,056
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,614
NuGet: 638
pip: 3,225
Pub: 10
RubyGems: 854
Rust: 817
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,124 advisories
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
Moderate | CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3...
Moderate | Unreviewed | CVE-2024-22334 was published Apr 12, 2024
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate | Unreviewed | CVE-2023-4228 was published Aug 24, 2023
Vulnerability of improper permission management in the displayengine module. Successful...
Moderate | Unreviewed | CVE-2023-41295 was published Sep 25, 2023
Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART...
High | Unreviewed | CVE-2018-20007 was published May 24, 2022
Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows...
Moderate | Unreviewed | CVE-2023-34797 was published Jun 15, 2023
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for...
High | Unreviewed | CVE-2020-36154 was published May 24, 2022
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows...
High | Unreviewed | CVE-2019-14935 was published May 24, 2022
Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions.
Moderate | Unreviewed | CVE-2022-43309 was published Apr 7, 2023
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels...
Moderate | Unreviewed | CVE-2021-3631 was published Mar 4, 2022
Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect...
High | Unreviewed | CVE-2023-46449 was published Oct 26, 2023
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To...
High | Unreviewed | CVE-2023-40361 was published Oct 20, 2023
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of...
Moderate | Unreviewed | CVE-2023-44201 was published Oct 13, 2023
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities...
High | Unreviewed | CVE-2023-32724 was published Oct 12, 2023
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1...
Moderate | Unreviewed | CVE-2023-45364 was published Oct 9, 2023
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through...
Moderate | Unreviewed | CVE-2023-45369 was published Oct 9, 2023
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi...
High | Unreviewed | CVE-2023-20254 was published Sep 27, 2023
Broadcast permission control vulnerability in the framework module. Successful exploitation of...
Moderate | Unreviewed | CVE-2023-4565 was published Sep 27, 2023
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows...
High | Unreviewed | CVE-2023-4665 was published Sep 15, 2023
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected...
High | Unreviewed | CVE-2023-38557 was published Sep 14, 2023
An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier...
Moderate | Unreviewed | CVE-2023-4777 was published Sep 8, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5...
High | Unreviewed | CVE-2023-3915 was published Sep 1, 2023
Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033...
Moderate | Unreviewed | CVE-2023-34391 was published Aug 31, 2023
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or...
High | Unreviewed | CVE-2023-40754 was published Aug 28, 2023
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
High | Unreviewed | CVE-2023-4332 was published Aug 15, 2023
ProTip! Advisories are also available from the GraphQL API.