Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,157
Maven
5,000+
npm
3,819
NuGet
695
pip
3,498
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

564 advisories

Loading
An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06... High Unreviewed
CVE-2022-45552 was published Mar 3, 2023
Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows)... High Unreviewed
CVE-2025-22447 was published Mar 6, 2025
Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows)... High Unreviewed
CVE-2025-24864 was published Mar 6, 2025
Spotipy's cache file, containing spotify auth token, is created with overly broad permissions High
CVE-2025-27154 was published for spotipy (pip) Feb 28, 2025
alichtman
An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate... High Unreviewed
CVE-2023-27091 was published Apr 4, 2023
Fluent Fluentd and Fluent-ui use default password High
CVE-2020-21514 was published for fluentd (RubyGems) Apr 4, 2023
When the installation directory does not have sufficiently restrictive file permissions, an... High Unreviewed
CVE-2022-43701 was published Jul 28, 2023
When the directory containing the installer does not have sufficiently restrictive file... High Unreviewed
CVE-2022-43702 was published Jul 28, 2023
NGINX Management Suite default file permissions are set such that an authenticated attacker may... High Unreviewed
CVE-2023-28724 was published Jul 6, 2023
Incorrect directory permissions for the shared NI RabbitMQ service may allow a local... High Unreviewed
CVE-2024-1156 was published Feb 20, 2024
Incorrect permissions in the installation directories for shared SystemLink Elixir based services... High Unreviewed
CVE-2024-1155 was published Feb 20, 2024
Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability... High Unreviewed
CVE-2023-31360 was published Feb 11, 2025
An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of... High Unreviewed
CVE-2023-27647 was published Apr 14, 2023
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication... High Unreviewed
CVE-2023-22951 was published Apr 13, 2023
pgAdmin has Incorrect Default Permissions High
CVE-2023-1907 was published for pgadmin4 (pip) Jan 9, 2025
In onCreate of NotificationAccessConfirmationActivity.java , there is a possible way to hide an... High Unreviewed
CVE-2024-49742 was published Jan 22, 2025
An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The read/write... High Unreviewed
CVE-2021-41614 was published Apr 18, 2023
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to... High Unreviewed
CVE-2024-11468 was published Feb 5, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-24107 was published Jan 28, 2025
Polycom RealPresence Group 500 <=20 has Insecure Permissions due to automatically loaded cookies.... High Unreviewed
CVE-2025-22918 was published Feb 3, 2025
A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows... High Unreviewed
CVE-2021-23166 was published Apr 25, 2023
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process... High Unreviewed
CVE-2024-1488 was published Feb 15, 2024
A vulnerability in the NetExtender Windows client log export function allows unauthorized access... High Unreviewed
CVE-2025-23007 was published Jan 30, 2025
The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need... High Unreviewed
CVE-2023-1809 was published May 2, 2023
A use after free issue was addressed with improved memory management. This issue is fixed in... High Unreviewed
CVE-2025-24085 was published Jan 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database