GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,093
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,902
Maven 5,100
npm 3,631
NuGet 638
pip 3,246
Pub 10
RubyGems 863
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,434

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

81 advisories

Filter by severity

Sort by

Least recently updated

Improper permission configurationDomain configuration vulnerability of the mobile application ... Critical Unreviewed

CVE-2024-8039 was published Sep 16, 2024

A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All... Critical Unreviewed

CVE-2024-41171 was published Sep 10, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics... Critical Unreviewed

CVE-2024-5618 was published Jul 18, 2024

Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed

CVE-2024-5163 was published Jun 17, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed

CVE-2024-33499 was published May 14, 2024

Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi... Critical Unreviewed

CVE-2024-33435 was published Apr 29, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed

CVE-2024-3375 was published Apr 29, 2024

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform... Critical Unreviewed

CVE-2024-21915 was published Feb 16, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG,... Critical Unreviewed

CVE-2023-0757 was published Dec 14, 2023

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the... Critical Unreviewed

CVE-2023-46141 was published Dec 14, 2023

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on... Critical Unreviewed

CVE-2023-6593 was published Dec 12, 2023

NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability Critical Unreviewed

CVE-2023-40302 was published Dec 7, 2023

In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a... Critical Unreviewed

CVE-2023-49946 was published Dec 3, 2023

EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource Critical Unreviewed

CVE-2023-42489 was published Oct 25, 2023

Request to LDAP is sent before user permissions are checked. Critical Unreviewed

CVE-2023-32723 was published Oct 12, 2023

Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow... Critical Unreviewed

CVE-2023-39004 was published Aug 9, 2023

Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on... Critical Unreviewed

CVE-2023-0834 was published Apr 28, 2023

Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability... Critical Unreviewed

CVE-2023-24205 was published Feb 24, 2023

Code by Zapier before 2022-08-17 allowed intra-account privilege escalation that included... Critical Unreviewed

CVE-2022-28802 was published Sep 22, 2022

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete... Critical Unreviewed

CVE-2021-22648 was published Jul 29, 2022

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to... Critical Unreviewed

CVE-2022-2185 was published Jul 2, 2022

A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an... Critical Unreviewed

CVE-2021-39409 was published Jun 25, 2022

In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is... Critical Unreviewed

CVE-2021-41589 was published May 24, 2022

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed

CVE-2021-41974 was published May 24, 2022

Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14... Critical Unreviewed

CVE-2021-41428 was published May 24, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

81 advisories