GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,159 advisories
Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG,...
Critical | Unreviewed | CVE-2023-0757 was published Dec 14, 2023

Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the...
Critical | Unreviewed | CVE-2023-46141 was published Dec 14, 2023

There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak...
Moderate | Unreviewed | CVE-2023-25648 was published Dec 14, 2023

Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on...
Critical | Unreviewed | CVE-2023-6593 was published Dec 12, 2023

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low | Unreviewed | CVE-2023-49578 was published Dec 12, 2023

SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757,...
High | Unreviewed | CVE-2023-49580 was published Dec 12, 2023

A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS...
Moderate | Unreviewed | CVE-2023-42924 was published Dec 12, 2023

An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions...
High | Unreviewed | CVE-2023-50446 was published Dec 10, 2023

Local Privilege Escalation in Windows
High | CVE-2023-49797 was published for pyinstaller (pip) Dec 9, 2023

NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability
Critical | Unreviewed | CVE-2023-40302 was published Dec 7, 2023

In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a...
Critical | Unreviewed | CVE-2023-49946 was published Dec 3, 2023

The FACSChorus software database can be accessed directly with the privileges of the currently...
Moderate | Unreviewed | CVE-2023-29065 was published Nov 28, 2023

The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks,...
Moderate | Unreviewed | CVE-2023-5651 was published Nov 20, 2023

Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in...
High | Unreviewed | CVE-2023-6179 was published Nov 17, 2023

xxl-job-admin vulnerable to Insecure Permissions
Moderate | CVE-2023-48087 was published for com.xuxueli:xxl-job-admin (Maven) Nov 15, 2023

Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2...
Moderate | Unreviewed | CVE-2023-34314 was published Nov 14, 2023

Insecure inherited permissions in the installer for some Intel Server Configuration Utility...
Moderate | Unreviewed | CVE-2023-34997 was published Nov 14, 2023

Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16...
Moderate | Unreviewed | CVE-2023-39230 was published Nov 14, 2023

Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software...
Moderate | Unreviewed | CVE-2022-41700 was published Nov 14, 2023

Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before...
Moderate | Unreviewed | CVE-2022-33898 was published Nov 14, 2023

An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2...
Moderate | Unreviewed | CVE-2023-36633 was published Nov 14, 2023

An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security...
Moderate | Unreviewed | CVE-2023-47801 was published Nov 13, 2023

Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint...
High | Unreviewed | CVE-2023-28134 was published Nov 13, 2023

An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in...
Moderate | Unreviewed | CVE-2023-5136 was published Nov 8, 2023

A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine...
Moderate | Unreviewed | CVE-2023-3282 was published Nov 8, 2023