Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

80 advisories

Loading
An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL... Moderate Unreviewed
CVE-2023-49932 was published Feb 29, 2024
Improper permission handling in the vault offline cache feature in Devolutions Remote Desktop... Moderate Unreviewed
CVE-2024-3545 was published Apr 9, 2024
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated... Moderate Unreviewed
CVE-2024-9333 was published Oct 2, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-44188 was published Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-40859 was published Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-27858 was published Sep 17, 2024
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2024-40831 was published Sep 17, 2024
Ansible Arbitrary File Overwrite Vulnerability Moderate
CVE-2013-4260 was published for ansible (pip) May 14, 2022
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a... Moderate Unreviewed
CVE-2024-33892 was published Aug 2, 2024
Improperly calculated effective permissions in M-Files Server versions 23.9 and 23.10 and 23.11... Moderate Unreviewed
CVE-2023-6239 was published Nov 28, 2023
Anope before 2.0.15 does not prevent resetting the password of a suspended account. Moderate Unreviewed
CVE-2024-30187 was published Mar 25, 2024
User with no permission to any of the Hosts can access and view host count & other statistics... Moderate Unreviewed
CVE-2024-22114 was published Aug 12, 2024
A non-admin user can change or remove important features within the Zabbix Agent application,... Moderate Unreviewed
CVE-2024-22121 was published Aug 12, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
Apache Airflow: Ignored Airflow Permission Moderate
CVE-2024-28746 was published for apache-airflow (pip) Mar 14, 2024
oscerd
Apache Airflow Improper Preservation of Permissions vulnerability Moderate
CVE-2024-29735 was published for apache-airflow (pip) Mar 26, 2024
Quarkus: security checks in resteasy reactive may trigger a denial of service Moderate
CVE-2024-1726 was published for io.quarkus.resteasy.reactive:resteasy-reactive (Maven) Apr 25, 2024
OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions Moderate
CVE-2022-44020 was published for sushy-tools (pip) Oct 30, 2022
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory.... Moderate Unreviewed
CVE-2022-47637 was published Sep 13, 2023
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time... Moderate Unreviewed
CVE-2023-21249 was published Jul 13, 2023
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables... Moderate Unreviewed
CVE-2023-2818 was published Jun 27, 2023
A valid, authenticated user with limited privileges may be able to use specifically crafted web... Moderate Unreviewed
CVE-2023-2993 was published Jun 26, 2023
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64... Moderate Unreviewed
CVE-2019-20384 was published May 24, 2022
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without... Moderate Unreviewed
CVE-2019-14956 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x... Moderate Unreviewed
CVE-2019-6995 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database