Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,771
Maven
4,995
npm
3,541
NuGet
617
pip
3,120
Pub
10
RubyGems
838
Rust
788
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

305 advisories

Loading
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8,... Moderate Unreviewed
CVE-2022-3758 was published Mar 10, 2023
Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64... Moderate Unreviewed
CVE-2023-1229 was published Mar 8, 2023
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R)... Moderate Unreviewed
CVE-2022-33196 was published Feb 16, 2023
In wlan driver, there is a possible missing permission check. This could lead to local... Moderate Unreviewed
CVE-2022-47450 was published Feb 12, 2023
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK... Moderate Unreviewed
CVE-2022-3432 was published Jan 26, 2023
A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may... Moderate Unreviewed
CVE-2022-3430 was published Jan 23, 2023
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2023-20043 was published Jan 20, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39081 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39082 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39083 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39084 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39085 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39088 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39086 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39087 was published Jan 4, 2023
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission... Moderate Unreviewed
CVE-2022-20511 was published Dec 20, 2022
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an... Moderate Unreviewed
CVE-2022-42446 was published Dec 12, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication... Moderate Unreviewed
CVE-2022-45118 was published Dec 8, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02... Moderate Unreviewed
CVE-2022-36367 was published Nov 11, 2022
There is a vulnerability in permission verification during the Bluetooth pairing process.... Moderate Unreviewed
CVE-2022-44548 was published Nov 10, 2022
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux ... Moderate Unreviewed
CVE-2020-36605 was published Nov 1, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission... Moderate Unreviewed
CVE-2020-5355 was published Oct 21, 2022
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv... Moderate Unreviewed
CVE-2013-4281 was published Oct 19, 2022
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP)... Moderate Unreviewed
CVE-2022-41748 was published Oct 11, 2022
An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through... Moderate Unreviewed
CVE-2022-41414 was published Oct 7, 2022
ProTip! Advisories are also available from the GraphQL API