Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

408 advisories

Loading
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission... Moderate Unreviewed
CVE-2020-5355 was published Oct 21, 2022
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an... Moderate Unreviewed
CVE-2020-6476 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6482 was published May 24, 2022
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6483 was published May 24, 2022
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to... Moderate Unreviewed
CVE-2019-4001 was published May 24, 2022
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for... Moderate Unreviewed
CVE-2020-15852 was published May 24, 2022
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system Moderate
CVE-2021-3917 was published for coreos-installer (Rust) Nov 8, 2021
xlejo
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15... Moderate Unreviewed
CVE-2020-0508 was published May 24, 2022
In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user... Moderate Unreviewed
CVE-2020-0023 was published May 24, 2022
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0... Moderate Unreviewed
CVE-2019-20106 was published May 24, 2022
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission... Moderate Unreviewed
CVE-2022-20511 was published Dec 20, 2022
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6441 was published May 24, 2022
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6445 was published May 24, 2022
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory,... Moderate Unreviewed
CVE-2019-18895 was published May 24, 2022
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92... Moderate Unreviewed
CVE-2020-6456 was published May 24, 2022
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6446 was published May 24, 2022
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes... Moderate Unreviewed
CVE-2019-11738 was published May 24, 2022
In ConnectivityService, there is a possible bypass of network permissions due to a missing... Moderate Unreviewed
CVE-2022-20341 was published Aug 13, 2022
In PermissionController, there is a possible misunderstanding about the default SMS application's... Moderate Unreviewed
CVE-2022-20272 was published Aug 13, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication... Moderate Unreviewed
CVE-2022-45118 was published Dec 8, 2022
An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions,... Moderate Unreviewed
CVE-2018-7822 was published May 24, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an... Moderate Unreviewed
CVE-2021-3948 was published Feb 19, 2022
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak... Moderate Unreviewed
CVE-2010-4176 was published May 17, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02... Moderate Unreviewed
CVE-2022-36367 was published Nov 11, 2022
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6484 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database