GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
461 advisories

The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS...
Moderate | Unreviewed | CVE-2018-18812 was published May 13, 2022

A permissions issue existed in which execute permission was incorrectly granted. This issue was...
Moderate | Unreviewed | CVE-2018-4178 was published May 13, 2022

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an...
Moderate | Unreviewed | CVE-2019-0111 was published May 13, 2022

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an...
Moderate | Unreviewed | CVE-2019-0108 was published May 13, 2022

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants...
Moderate | Unreviewed | CVE-2019-0588 was published May 13, 2022

An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files...
Moderate | Unreviewed | CVE-2019-0804 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and...
Moderate | Unreviewed | CVE-2019-4093 was published May 13, 2022

onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files...
Moderate | Unreviewed | CVE-2018-13122 was published May 13, 2022

The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated...
Moderate | Unreviewed | CVE-2010-2116 was published May 13, 2022

IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user to change their job user...
Moderate | Unreviewed | CVE-2018-1724 was published May 13, 2022

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box...
Moderate | Unreviewed | CVE-2018-1420 was published May 13, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security...
Moderate | Unreviewed | CVE-2018-1370 was published May 13, 2022

setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and...
Moderate | Unreviewed | CVE-2018-1113 was published May 13, 2022

On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40...
Moderate | Unreviewed | CVE-2018-14825 was published May 13, 2022

It was discovered that sos-collector does not properly set the default permissions of newly...
Moderate | Unreviewed | CVE-2018-14650 was published May 13, 2022

openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific...
Moderate | Unreviewed | CVE-2018-12466 was published May 13, 2022

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious...
Moderate | Unreviewed | CVE-2018-12467 was published May 13, 2022

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to...
Moderate | Unreviewed | CVE-2018-0392 was published May 13, 2022

In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong...
Moderate | Unreviewed | CVE-2017-9268 was published May 13, 2022

It was found that rhnsd PID files are created as world-writable that allows local attackers to...
Moderate | Unreviewed | CVE-2017-7560 was published May 13, 2022

Incorrect Permission Assignment for Critical Resource in Jenkins
Moderate | CVE-2017-2612 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical resource in a way that...
Moderate | Unreviewed | CVE-2017-1624 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via...
Moderate | Unreviewed | CVE-2017-0883 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders...
Moderate | Unreviewed | CVE-2017-0884 was published May 13, 2022

A permissions flaw was found in redis, which sets weak permissions on certain files and...
Moderate | Unreviewed | CVE-2016-2121 was published May 13, 2022