GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,713
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,315
Maven 5,600
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,473

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

476 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Magento incorrect permissions vulnerability in the Integrations component Moderate

CVE-2020-24402 was published for magento/community-edition (Composer) May 24, 2022

Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to... Moderate Unreviewed

CVE-2024-20830 was published Mar 5, 2024

Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19... Moderate Unreviewed

CVE-2024-32942 was published Feb 13, 2025

Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software... Moderate Unreviewed

CVE-2024-42419 was published Feb 13, 2025

Apache Superset has Incorrect Default Permissions Moderate

CVE-2023-42501 was published for apache-superset (pip) Nov 27, 2023

Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows... Moderate Unreviewed

CVE-2024-20841 was published Mar 5, 2024

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission... Moderate Unreviewed

CVE-2025-21106 was published Feb 20, 2025

In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration... Moderate Unreviewed

CVE-2025-27926 was published Mar 11, 2025

Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567... Moderate Unreviewed

CVE-2024-25654 was published Mar 18, 2024

A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers... Moderate Unreviewed

CVE-2024-48572 was published Oct 30, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2024-44151 was published Sep 17, 2024

By default, SANnav OVA is shipped with root user login enabled. While protected by a password,... Moderate Unreviewed

CVE-2024-2859 was published Apr 27, 2024

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2024-44135 was published Sep 17, 2024

Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R)... Moderate Unreviewed

CVE-2023-29162 was published Mar 28, 2024

Cache confusion in Jenkins Eiffel Broadcaster Plugin Moderate

CVE-2025-24400 was published for com.axis.jenkins.plugins.eiffel:eiffel-broadcaster (Maven) Jan 22, 2025

Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66 Moderate

CVE-2025-27612 was published for libcontainer (Rust) Mar 21, 2025

This issue was addressed through improved state management. This issue is fixed in visionOS 1.3,... Moderate Unreviewed

CVE-2024-54564 was published Mar 21, 2025

Bypass of GACS Policy Configuration settings in Citrix Workspace app for HTML5 Moderate Unreviewed

CVE-2024-6148 was published Jul 10, 2024

In wlan driver, there is a possible missing permission check. This could lead to local... Moderate Unreviewed

CVE-2022-47450 was published Feb 12, 2023

The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory... Moderate Unreviewed

CVE-2025-2781 was published Mar 29, 2025

The WatchGuard Terminal Services Agent on Windows does not properly configure directory... Moderate Unreviewed

CVE-2025-2782 was published Mar 29, 2025

The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2024-11088 was published Apr 5, 2025

Incorrect default permissions issue exists in Unifier and Unifier Cast Version.5.0 or later, and... Moderate Unreviewed

CVE-2024-23847 was published May 31, 2024

snowflake-connector-python vulnerable to insecure cache files permissions Moderate

CVE-2025-24795 was published for snowflake-connector-python (pip) Jan 29, 2025

fal_sftp extension for TYPO3 uses weak permissions for sFTP driver files and folders Moderate

CVE-2014-8327 was published for co-stack/fal_sftp (Composer) May 17, 2022

Previous 1 2 … 16 17 18 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

476 advisories