GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,630
Composer 4,715
Erlang 34
GitHub Actions 28
Go 2,302
Maven 5,577
npm 3,946
NuGet 711
pip 3,716
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,140

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

472 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Incorrect Default Permissions in Beego Moderate

CVE-2019-16355 was published for github.com/astaxie/beego (Go) May 24, 2022

Information disclosure in the Contao backend Moderate

CVE-2019-19712 was published for contao/contao (Composer) Dec 17, 2019

Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an... Moderate Unreviewed

CVE-2023-2737 was published Aug 16, 2023

An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0... Moderate Unreviewed

CVE-2022-33877 was published Jun 13, 2023

A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura... Moderate Unreviewed

CVE-2023-28192 was published May 8, 2023

A permissions issue was addressed with improved redaction of sensitive information. This issue is... Moderate Unreviewed

CVE-2023-34352 was published Sep 6, 2023

In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user... Moderate Unreviewed

CVE-2019-18367 was published May 24, 2022

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux... Moderate Unreviewed

CVE-2023-45690 was published Oct 16, 2023

A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in... Moderate Unreviewed

CVE-2023-4065 was published Sep 27, 2023

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4... Moderate Unreviewed

CVE-2022-3466 was published Sep 15, 2023

Incorrect default permissions in the Intel(R) Support android application before version v23.02... Moderate Unreviewed

CVE-2023-27392 was published Aug 11, 2023

A vulnerability exists by allowing low-privileged users to read and update the data in various... Moderate Unreviewed

CVE-2023-3323 was published Jul 24, 2023

In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command... Moderate Unreviewed

CVE-2023-22931 was published Jul 6, 2023

In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local... Moderate Unreviewed

CVE-2023-21104 was published May 16, 2023

A valid, authenticated XCC user with read-only permissions can modify custom user roles on other... Moderate Unreviewed

CVE-2023-29058 was published Apr 28, 2023

An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for... Moderate Unreviewed

CVE-2019-17103 was published May 24, 2022

The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass... Moderate Unreviewed

CVE-2019-12752 was published May 24, 2022

In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the... Moderate Unreviewed

CVE-2019-18369 was published May 24, 2022

In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View... Moderate Unreviewed

CVE-2019-18366 was published May 24, 2022

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... Moderate Unreviewed

CVE-2019-14925 was published May 24, 2022

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow... Moderate Unreviewed

CVE-2019-15962 was published May 24, 2022

In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions. Moderate Unreviewed

CVE-2019-16183 was published May 24, 2022

WTF before 0.19.0 does not set the permissions of config.yml, which might make it easier for... Moderate Unreviewed

CVE-2019-15716 was published May 24, 2022

SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... Moderate Unreviewed

CVE-2014-7301 was published May 17, 2022

Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages... Moderate Unreviewed

CVE-2013-4763 was published May 5, 2022

Previous 1 2 … 5 6 7 8 9 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

472 advisories