Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

632 advisories

Loading
Incorrect Default Permissions vulnerability in Smart Device Communication Gateway preinstalled on... High Unreviewed
CVE-2024-3904 was published Jul 4, 2024
Incorrect Default Permissions vulnerability in Hitachi JP1/Extensible SNMP Agent for Windows,... High Unreviewed
CVE-2024-4679 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could... High Unreviewed
CVE-2023-38370 was published Jun 27, 2024
pgAdmin <= 8.8 has an installation Directory permission issue. Because of this issue, attackers... High Unreviewed
CVE-2024-6238 was published Jun 25, 2024
The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an... High Unreviewed
CVE-2024-36495 was published Jun 24, 2024
langchain_experimental Code Execution via Python REPL access High
CVE-2024-38459 was published for langchain-experimental (pip) Jun 16, 2024
A remote attacker using the insecure upload functionality will be able to overwrite any Python... High Unreviewed
CVE-2024-27171 was published Jun 14, 2024
Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several... High Unreviewed
CVE-2024-27167 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27155 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27153 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27152 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27149 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27150 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27151 was published Jun 14, 2024
The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker... High Unreviewed
CVE-2024-27148 was published Jun 14, 2024
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated... High Unreviewed
CVE-2024-37038 was published Jun 12, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-43629 was published May 16, 2024
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may... High Unreviewed
CVE-2023-24460 was published May 16, 2024
Sourcecodester Human Resource Management System 1.0 is vulnerable to Insecure Permissions... High Unreviewed
CVE-2024-34221 was published May 14, 2024
extcap/nrf_sniffer_ble.py, extcap/nrf_sniffer_ble.sh, extcap/SnifferAPI/*.py in Nordic... High Unreviewed
CVE-2023-46870 was published May 14, 2024
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to... High Unreviewed
CVE-2024-4030 was published May 7, 2024
Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to... High Unreviewed
CVE-2024-34474 was published May 5, 2024
Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. High Unreviewed
CVE-2024-34455 was published May 3, 2024
An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file... High Unreviewed
CVE-2022-48685 was published Apr 28, 2024
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing... High Unreviewed
CVE-2023-23976 was published Apr 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database