GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,097
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,247
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,449

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

81 advisories

Filter by severity

Sort by

Least recently updated

Improper permission configurationDomain configuration vulnerability of the mobile application ... Critical Unreviewed

CVE-2024-8039 was published Sep 16, 2024

A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All... Critical Unreviewed

CVE-2024-41171 was published Sep 10, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed

CVE-2024-3375 was published Apr 29, 2024

Improper permission settings for mobile applications (com.transsion.carlcare) may lead to user... Critical Unreviewed

CVE-2024-5163 was published Jun 17, 2024

Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics... Critical Unreviewed

CVE-2024-5618 was published Jul 18, 2024

Insecure Permissions vulnerability in Guangzhou Yingshi Electronic Technology Co. Ncast Yingshi... Critical Unreviewed

CVE-2024-33435 was published Apr 29, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed

CVE-2024-33499 was published May 14, 2024

Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow... Critical Unreviewed

CVE-2023-39004 was published Aug 9, 2023

Incorrect Permission Assignment for Critical Resource vulnerability in HYPR Workforce Access on... Critical Unreviewed

CVE-2023-0834 was published Apr 28, 2023

Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability.... Critical Unreviewed

CVE-2019-8071 was published May 24, 2022

An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable... Critical Unreviewed

CVE-2019-11526 was published May 24, 2022

In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on... Critical Unreviewed

CVE-2018-20871 was published May 24, 2022

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:... Critical Unreviewed

CVE-2019-1010101 was published May 24, 2022

DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote... Critical Unreviewed

CVE-2019-1010009 was published May 24, 2022

LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion. Critical Unreviewed

CVE-2018-14916 was published May 24, 2022

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com... Critical Unreviewed

CVE-2018-10171 was published May 24, 2022

ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client... Critical Unreviewed

CVE-2012-2087 was published Apr 23, 2022

Kentico 11 through 12 lets attackers upload and explore files without authentication via the... Critical Unreviewed

CVE-2019-12102 was published May 24, 2022

A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform... Critical Unreviewed

CVE-2024-21915 was published Feb 16, 2024

Request to LDAP is sent before user permissions are checked. Critical Unreviewed

CVE-2023-32723 was published Oct 12, 2023

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on... Critical Unreviewed

CVE-2023-6593 was published Dec 12, 2023

Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG,... Critical Unreviewed

CVE-2023-0757 was published Dec 14, 2023

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the... Critical Unreviewed

CVE-2023-46141 was published Dec 14, 2023

NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability Critical Unreviewed

CVE-2023-40302 was published Dec 7, 2023

In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a... Critical Unreviewed

CVE-2023-49946 was published Dec 3, 2023

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

81 advisories