GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,161 advisories
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration...
Moderate | Unreviewed | CVE-2025-27926 was published Mar 11, 2025

An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06...
High | Unreviewed | CVE-2022-45552 was published Mar 3, 2023

Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows)...
High | Unreviewed | CVE-2025-22447 was published Mar 6, 2025

Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows)...
High | Unreviewed | CVE-2025-24864 was published Mar 6, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical | Unreviewed | CVE-2025-27677 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330...
Critical | Unreviewed | CVE-2025-27682 was published Mar 5, 2025

Spotipy's cache file, containing spotify auth token, is created with overly broad permissions
High | CVE-2025-27154 was published for spotipy (pip) Feb 28, 2025

Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before...
Critical | Unreviewed | CVE-2022-25899 was published Aug 19, 2022

In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an...
Critical | Unreviewed | CVE-2024-56525 was published Feb 25, 2025

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission...
Moderate | Unreviewed | CVE-2025-21106 was published Feb 20, 2025

Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows...
Moderate | Unreviewed | CVE-2024-20841 was published Mar 5, 2024

An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate...
High | Unreviewed | CVE-2023-27091 was published Apr 4, 2023

Apache Superset has Incorrect Default Permissions
Moderate | CVE-2023-42501 was published for apache-superset (pip) Nov 27, 2023

Fluent Fluentd and Fluent-ui use default password
High | CVE-2020-21514 was published for fluentd (RubyGems) Apr 4, 2023

When the installation directory does not have sufficiently restrictive file permissions, an...
High | Unreviewed | CVE-2022-43701 was published Jul 28, 2023

When the directory containing the installer does not have sufficiently restrictive file...
High | Unreviewed | CVE-2022-43702 was published Jul 28, 2023

NGINX Management Suite default file permissions are set such that an authenticated attacker may...
High | Unreviewed | CVE-2023-28724 was published Jul 6, 2023

Incorrect default permissions for some Intel(R) DSA installer for Windows before version 24.2.19...
Moderate | Unreviewed | CVE-2024-32942 was published Feb 13, 2025

Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA Framework software...
Moderate | Unreviewed | CVE-2024-42419 was published Feb 13, 2025

Incorrect directory permissions for the shared NI RabbitMQ service may allow a local...
High | Unreviewed | CVE-2024-1156 was published Feb 20, 2024

Incorrect permissions in the installation directories for shared SystemLink Elixir based services...
High | Unreviewed | CVE-2024-1155 was published Feb 20, 2024

Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability...
High | Unreviewed | CVE-2023-31360 was published Feb 11, 2025

Incorrect default permission in AppLock prior to SMR Mar-2024 Release 1 allows local attackers to...
Moderate | Unreviewed | CVE-2024-20830 was published Mar 5, 2024

Magento incorrect permissions vulnerability in the Integrations component
Moderate | CVE-2020-24402 was published for magento/community-edition (Composer) May 24, 2022

An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of...
High | Unreviewed | CVE-2023-27647 was published Apr 14, 2023