Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,864
Maven
5,000+
npm
3,587
NuGet
636
pip
3,176
Pub
10
RubyGems
852
Rust
805
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,118 advisories

Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0... High Unreviewed
CVE-2023-42189 was published Oct 10, 2023
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed
CVE-2023-45369 was published Oct 9, 2023
An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1... Moderate Unreviewed
CVE-2023-45364 was published Oct 9, 2023
Decidim has broken access control in templates High
CVE-2023-36465 was published for decidim (RubyGems) Oct 5, 2023
andreslucena
Hashicorp Vault Incorrect Permission Assignment for Critical Resource vulnerability High
CVE-2023-5077 was published for github.com/hashicorp/vault (Go) Sep 29, 2023
A vulnerability in the session management system of the Cisco Catalyst SD-WAN Manager multi... High Unreviewed
CVE-2023-20254 was published Sep 27, 2023
Broadcast permission control vulnerability in the framework module. Successful exploitation of... Moderate Unreviewed
CVE-2023-4565 was published Sep 27, 2023
Vulnerability of improper permission management in the displayengine module. Successful... Moderate Unreviewed
CVE-2023-41295 was published Sep 25, 2023
A vulnerability has been identified in Node.js version 20, affecting users of the experimental... Moderate Unreviewed
CVE-2023-32005 was published Sep 20, 2023
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows... High Unreviewed
CVE-2023-4665 was published Sep 15, 2023
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected... High Unreviewed
CVE-2023-38557 was published Sep 14, 2023
An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier... Moderate Unreviewed
CVE-2023-4777 was published Sep 8, 2023
Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation... High Unreviewed
CVE-2023-32162 was published Sep 6, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5... High Unreviewed
CVE-2023-3915 was published Sep 1, 2023
Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033... Moderate Unreviewed
CVE-2023-34391 was published Aug 31, 2023
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or... High Unreviewed
CVE-2023-40754 was published Aug 28, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6... Moderate Unreviewed
CVE-2023-4228 was published Aug 24, 2023
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2023-20234 was published Aug 23, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software... Moderate Unreviewed
CVE-2023-20200 was published Aug 23, 2023
A vulnerability in the restricted security domain implementation of Cisco Application Policy... Moderate Unreviewed
CVE-2023-20230 was published Aug 23, 2023
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0... High Unreviewed
CVE-2023-4383 was published Aug 16, 2023
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file High Unreviewed
CVE-2023-4332 was published Aug 15, 2023
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow... High Unreviewed
CVE-2023-28658 was published Aug 11, 2023
Insecure permissions exist for configd.socket in OPNsense before 23.7. High Unreviewed
CVE-2023-39005 was published Aug 9, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp. High Unreviewed
CVE-2023-39003 was published Aug 9, 2023
ProTip! Advisories are also available from the GraphQL API