Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

583 advisories

Loading
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to... High Unreviewed
CVE-2023-22592 was published Jan 18, 2023
Dell command configuration, version 4.8 and prior, contains improper folder permission when... High Unreviewed
CVE-2022-34457 was published Jan 18, 2023
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git... High Unreviewed
CVE-2022-38065 was published Dec 21, 2022
A vulnerability has been identified in Simcenter STAR-CCM+ (All versions). The affected... High Unreviewed
CVE-2022-43517 was published Dec 13, 2022
Hasura GraphQL Engine before 2.15.2 mishandles row-level authorization in the Update Many API for... High Unreviewed
CVE-2022-46792 was published Dec 8, 2022
OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a... High Unreviewed
CVE-2022-44725 was published Nov 18, 2022
CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of... High Unreviewed
CVE-2022-45193 was published Nov 12, 2022
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1... High Unreviewed
CVE-2022-39883 was published Nov 10, 2022
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2022-44732 was published Nov 8, 2022
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2022-44733 was published Nov 8, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on... High Unreviewed
CVE-2022-3258 was published Nov 4, 2022
The Automox Agent before 40 on Windows incorrectly sets permissions on key files. High Unreviewed
CVE-2022-36122 was published Oct 21, 2022
An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS... High Unreviewed
CVE-2022-22248 was published Oct 18, 2022
Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication High
CVE-2022-39219 was published for github.com/brokercap/Bifrost (Go) Sep 27, 2022
tarihub
CRI-O incorrect handling of supplementary groups may lead to sensitive information disclosure High
CVE-2022-2995 was published for github.com/cri-o/cri-o (Go) Sep 20, 2022
A local unprivileged attacker may escalate to administrator privileges in Honeywell SoftMaster... High Unreviewed
CVE-2022-2332 was published Sep 17, 2022
Talos worker join token can be used to get elevated access level to the Talos API High
CVE-2022-36103 was published for github.com/talos-systems/talos (Go) Sep 16, 2022
smira
In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to... High Unreviewed
CVE-2022-20398 was published Sep 14, 2022
CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both... High Unreviewed
CVE-2022-37190 was published Sep 14, 2022
Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an... High Unreviewed
CVE-2022-37458 was published Sep 3, 2022
Apache ShenYu Admin has insecure permissions High
CVE-2022-37435 was published for org.apache.shenyu:shenyu-common (Maven) Sep 2, 2022
An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6... High Unreviewed
CVE-2022-32777 was published Aug 23, 2022
An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6... High Unreviewed
CVE-2022-32778 was published Aug 23, 2022
In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission... High Unreviewed
CVE-2022-20329 was published Aug 13, 2022
In Keyguard, there is a missing permission check. This could lead to local escalation of... High Unreviewed
CVE-2022-20274 was published Aug 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database