Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

95 advisories

Loading
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows... Critical Unreviewed
CVE-2024-24117 was published Oct 2, 2024
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
CVE-2023-32197 was published for github.com/rancher/rancher (Go) Oct 25, 2024
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists Critical
GHSA-x7xj-jvwp-97rv was published for github.com/rancher/rke2 (Go) Oct 25, 2024
Incorrect Permission Assignment for Critical Resource in Plone Critical
CVE-2021-33509 was published for Plone (pip) Jun 15, 2021
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead... Critical Unreviewed
CVE-2024-10018 was published Oct 16, 2024
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430,... Critical Unreviewed
CVE-2023-40622 was published Sep 13, 2023
Koji hub call does not perform correct access checks Critical
CVE-2018-1002150 was published for koji (pip) Jul 12, 2018
Mercurial Incorrect Access Control vulnerability Critical
CVE-2018-1000132 was published for mercurial (pip) May 13, 2022
Improper permission configurationDomain configuration vulnerability of the mobile application ... Critical Unreviewed
CVE-2024-8039 was published Sep 16, 2024
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All... Critical Unreviewed
CVE-2024-41171 was published Sep 10, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed
CVE-2024-5163 was published Jun 17, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics... Critical Unreviewed
CVE-2024-5618 was published Jul 18, 2024
Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi... Critical Unreviewed
CVE-2024-33435 was published Apr 29, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-33499 was published May 14, 2024
Moodle command execution vulnerability exists in the default legacy spellchecker plugin Critical
CVE-2021-21809 was published for moodle/moodle (Composer) May 24, 2022
Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow... Critical Unreviewed
CVE-2023-39004 was published Aug 9, 2023
Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on... Critical Unreviewed
CVE-2023-0834 was published Apr 28, 2023
Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability.... Critical Unreviewed
CVE-2019-8071 was published May 24, 2022
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable... Critical Unreviewed
CVE-2019-11526 was published May 24, 2022
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on... Critical Unreviewed
CVE-2018-20871 was published May 24, 2022
Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:... Critical Unreviewed
CVE-2019-1010101 was published May 24, 2022
DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote... Critical Unreviewed
CVE-2019-1010009 was published May 24, 2022
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion. Critical Unreviewed
CVE-2018-14916 was published May 24, 2022
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com... Critical Unreviewed
CVE-2018-10171 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database