Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

408 advisories

Loading
cilium-agent container can access the host via `hostPath` mount Moderate
CVE-2023-27593 was published for github.com/cilium/cilium (Go) Mar 17, 2023
tasoskoutlis-f3 daniel-f3
mag-ocz
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023
PowerJob vulnerable to Insecure Permissions Moderate
CVE-2023-29923 was published for tech.powerjob:powerjob (Maven) Apr 19, 2023
A valid, authenticated XCC user with read-only permissions can modify custom user roles on other... Moderate Unreviewed
CVE-2023-29058 was published Apr 28, 2023
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura... Moderate Unreviewed
CVE-2023-28192 was published May 8, 2023
In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local... Moderate Unreviewed
CVE-2023-21104 was published May 16, 2023
Jenkins SAML Single Sign On(SSO) Plugin missing permission checks Moderate
CVE-2023-32996 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
Jenkins AppSpider Plugin missing permission check Moderate
CVE-2023-32999 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 16, 2023
An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0... Moderate Unreviewed
CVE-2022-33877 was published Jun 13, 2023
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged... Moderate Unreviewed
CVE-2023-23344 was published Jun 23, 2023
In Splunk Enterprise versions below 8.1.13 and 8.2.10, the ‘createrss’ external search command... Moderate Unreviewed
CVE-2023-22931 was published Jul 6, 2023
Omnis Studio 10.22.00 has incorrect access control. It advertises a feature for making Omnis... Moderate Unreviewed
CVE-2023-38335 was published Jul 20, 2023
Omnis Studio 10.22.00 has incorrect access control. It advertises an irreversible feature for... Moderate Unreviewed
CVE-2023-38334 was published Jul 20, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various... Moderate Unreviewed
CVE-2023-3323 was published Jul 24, 2023
Incorrect default permissions in the Intel(R) Support android application before version v23.02... Moderate Unreviewed
CVE-2023-27392 was published Aug 11, 2023
Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an... Moderate Unreviewed
CVE-2023-2737 was published Aug 16, 2023
A permissions issue was addressed with improved redaction of sensitive information. This issue is... Moderate Unreviewed
CVE-2023-34352 was published Sep 6, 2023
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4... Moderate Unreviewed
CVE-2022-3466 was published Sep 15, 2023
Sensitive information disclosure due to insecure folder permissions. The following products are... Moderate Unreviewed
CVE-2023-5042 was published Sep 20, 2023
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in... Moderate Unreviewed
CVE-2023-4065 was published Sep 27, 2023
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux... Moderate Unreviewed
CVE-2023-45690 was published Oct 16, 2023
A vulnerability due to improper write protection of UEFI variables was reported in the BIOS of... Moderate Unreviewed
CVE-2022-4575 was published Oct 30, 2023
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files,... Moderate Unreviewed
CVE-2023-4091 was published Nov 3, 2023
Incorrect default permissions in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed
CVE-2023-27305 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database