GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,005 advisories
Filter by severity
Vulnerability of improper permission management in the displayengine module. Successful...
Moderate
Unreviewed
CVE-2023-41295
was published
Sep 25, 2023
A vulnerability has been identified in Node.js version 20, affecting users of the experimental...
Moderate
Unreviewed
CVE-2023-32005
was published
Sep 20, 2023
Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows...
High
Unreviewed
CVE-2023-4665
was published
Sep 15, 2023
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected...
High
Unreviewed
CVE-2023-38557
was published
Sep 14, 2023
An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier...
Moderate
Unreviewed
CVE-2023-4777
was published
Sep 8, 2023
Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation...
High
Unreviewed
CVE-2023-32162
was published
Sep 6, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5...
High
Unreviewed
CVE-2023-3915
was published
Sep 1, 2023
Insecure Inherited Permissions vulnerability in Schweitzer Engineering Laboratories SEL-5033...
Moderate
Unreviewed
CVE-2023-34391
was published
Aug 31, 2023
In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or...
High
Unreviewed
CVE-2023-40754
was published
Aug 28, 2023
A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6...
Moderate
Unreviewed
CVE-2023-4228
was published
Aug 24, 2023
A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software...
Moderate
Unreviewed
CVE-2023-20200
was published
Aug 23, 2023
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2023-20234
was published
Aug 23, 2023
A vulnerability in the restricted security domain implementation of Cisco Application Policy...
Moderate
Unreviewed
CVE-2023-20230
was published
Aug 23, 2023
A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0...
High
Unreviewed
CVE-2023-4383
was published
Aug 16, 2023
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
High
Unreviewed
CVE-2023-4332
was published
Aug 15, 2023
Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow...
High
Unreviewed
CVE-2023-28658
was published
Aug 11, 2023
OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp.
High
Unreviewed
CVE-2023-39003
was published
Aug 9, 2023
Insecure permissions exist for configd.socket in OPNsense before 23.7.
High
Unreviewed
CVE-2023-39005
was published
Aug 9, 2023
Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow...
Critical
Unreviewed
CVE-2023-39004
was published
Aug 9, 2023
A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected...
High
Unreviewed
CVE-2022-39062
was published
Aug 8, 2023
An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows...
Moderate
Unreviewed
CVE-2023-38991
was published
Aug 4, 2023
A vulnerability in the privilege management functionality of all Cisco BroadWorks server types...
High
Unreviewed
CVE-2023-20216
was published
Aug 4, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3322
was published
Jul 24, 2023
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted...
High
Unreviewed
CVE-2023-28133
was published
Jul 23, 2023
SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing...
High
Unreviewed
CVE-2023-33990
was published
Jul 11, 2023
ProTip!
Advisories are also available from the
GraphQL API