Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

52 advisories

Loading
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise... Critical Unreviewed
CVE-2024-44760 was published Aug 28, 2024
It was possible for a web extension with minimal permissions to create a `StreamFilter` which... Critical Unreviewed
CVE-2024-7525 was published Aug 6, 2024
Incorrect Permission Assignment for Critical Resource vulnerability in Havelsan Inc. Dialogue... Critical Unreviewed
CVE-2024-3375 was published Apr 29, 2024
Permission management vulnerability in the PMS module. Successful exploitation of this... Critical Unreviewed
CVE-2023-46773 was published Dec 6, 2023
Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker... Critical Unreviewed
CVE-2023-47462 was published Nov 29, 2023
TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions... Critical Unreviewed
CVE-2022-42150 was published Oct 19, 2023
TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the ... Critical Unreviewed
CVE-2023-27133 was published Oct 17, 2023
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured... Critical Unreviewed
CVE-2022-4039 was published Sep 22, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control... Critical Unreviewed
CVE-2023-31068 was published Sep 11, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control... Critical Unreviewed
CVE-2023-31067 was published Sep 11, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device... Critical Unreviewed
CVE-2023-29131 was published Jul 11, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote... Critical Unreviewed
CVE-2023-33282 was published Jun 7, 2023
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An... Critical Unreviewed
CVE-2023-31116 was published Jun 7, 2023
SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method... Critical Unreviewed
CVE-2023-29732 was published May 30, 2023
SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be... Critical Unreviewed
CVE-2023-29919 was published May 23, 2023
An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which... Critical Unreviewed
CVE-2023-23059 was published May 4, 2023
Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a... Critical Unreviewed
CVE-2023-26918 was published Apr 14, 2023
An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration... Critical Unreviewed
CVE-2021-34182 was published Feb 17, 2023
Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier,... Critical Unreviewed
CVE-2022-34824 was published Nov 9, 2022
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions... Critical Unreviewed
CVE-2022-40109 was published Sep 7, 2022
influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing... Critical Unreviewed
CVE-2022-36640 was published Sep 3, 2022
The AOD module has a vulnerability in permission assignment. Successful exploitation of this... Critical Unreviewed
CVE-2022-37003 was published Aug 11, 2022
The application security module has a vulnerability in permission assignment. Successful... Critical Unreviewed
CVE-2022-34737 was published Jul 13, 2022
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation... Critical Unreviewed
CVE-2022-32207 was published Jul 8, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an... Critical Unreviewed
CVE-2022-33175 was published Jun 14, 2022
ProTip! Advisories are also available from the GraphQL API