Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

461 advisories

Loading
An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An... Moderate Unreviewed
CVE-2019-15721 was published May 24, 2022
Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1... Moderate Unreviewed
CVE-2019-11166 was published May 24, 2022
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps... Moderate Unreviewed
CVE-2019-15119 was published May 24, 2022
Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. Moderate Unreviewed
CVE-2018-12357 was published May 24, 2022
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions... Moderate Unreviewed
CVE-2024-25956 was published Mar 26, 2024
NuGet Package Manager Tampering Vulnerability Moderate
CVE-2019-0976 was published for NuGet.Commands (NuGet) May 24, 2022
JarLob
** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1.... Moderate Unreviewed
CVE-2020-12831 was published May 24, 2022
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7... Moderate Unreviewed
CVE-2007-5544 was published May 1, 2022
nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which... Moderate Unreviewed
CVE-2009-1073 was published May 2, 2022
TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions ... Moderate Unreviewed
CVE-2009-3482 was published May 2, 2022
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of... Moderate Unreviewed
CVE-2009-3289 was published May 2, 2022
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure... Moderate Unreviewed
CVE-2009-3489 was published May 2, 2022
Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at... Moderate Unreviewed
CVE-2009-3897 was published May 2, 2022
Lack of access control on upoaded files Moderate
CVE-2019-12245 was published for silverstripe/assets (Composer) Nov 12, 2019
Mautic vulnerable to secret data exfiltration via symfony parameters Moderate
CVE-2021-27908 was published for mautic/core (Composer) Apr 6, 2021
Gregy fedys
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has... Moderate Unreviewed
CVE-2009-3939 was published May 2, 2022
Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter Moderate
CVE-2023-48714 was published for silverstripe/framework (Composer) Jan 23, 2024
A user authorized to performing a specific type of find query may trigger a denial of service.... Moderate Unreviewed
CVE-2021-20326 was published May 24, 2022
Privilege Escalation in HashiCorp Consul Moderate
CVE-2020-28053 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
Archive package allows chmod of file outside of unpack target directory Moderate
CVE-2021-32760 was published for github.com/containerd/containerd (Go) Jul 26, 2021
tdunlap607
Arbitrary file read vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-35147 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Jun 14, 2023
Unsafe methods in the default list of approved signatures in Jenkins Script Security Plugin Moderate
CVE-2017-1000095 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some... Moderate Unreviewed
CVE-2023-38541 was published Jan 19, 2024
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged ... Moderate Unreviewed
CVE-2023-31445 was published May 11, 2023
A vulnerability in the restricted security domain implementation of Cisco Application Policy... Moderate Unreviewed
CVE-2023-20230 was published Aug 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database