GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,771
Maven
4,995
npm
3,541
NuGet
617
pip
3,120
Pub
10
RubyGems
838
Rust
788
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
305 advisories
Filter by severity
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8,...
Moderate
Unreviewed
CVE-2022-3758
was published
Mar 10, 2023
Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64...
Moderate
Unreviewed
CVE-2023-1229
was published
Mar 8, 2023
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R)...
Moderate
Unreviewed
CVE-2022-33196
was published
Feb 16, 2023
In wlan driver, there is a possible missing permission check. This could lead to local...
Moderate
Unreviewed
CVE-2022-47450
was published
Feb 12, 2023
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK...
Moderate
Unreviewed
CVE-2022-3432
was published
Jan 26, 2023
A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may...
Moderate
Unreviewed
CVE-2022-3430
was published
Jan 23, 2023
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2023-20043
was published
Jan 20, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39081
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39082
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39083
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39084
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39085
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39088
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39086
was published
Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of...
Moderate
Unreviewed
CVE-2022-39087
was published
Jan 4, 2023
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission...
Moderate
Unreviewed
CVE-2022-20511
was published
Dec 20, 2022
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an...
Moderate
Unreviewed
CVE-2022-42446
was published
Dec 12, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication...
Moderate
Unreviewed
CVE-2022-45118
was published
Dec 8, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02...
Moderate
Unreviewed
CVE-2022-36367
was published
Nov 11, 2022
There is a vulnerability in permission verification during the Bluetooth pairing process....
Moderate
Unreviewed
CVE-2022-44548
was published
Nov 10, 2022
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux ...
Moderate
Unreviewed
CVE-2020-36605
was published
Nov 1, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission...
Moderate
Unreviewed
CVE-2020-5355
was published
Oct 21, 2022
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv...
Moderate
Unreviewed
CVE-2013-4281
was published
Oct 19, 2022
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP)...
Moderate
Unreviewed
CVE-2022-41748
was published
Oct 11, 2022
An insecure default in the component auth.login.prompt.enabled of Liferay Portal v7.0.0 through...
Moderate
Unreviewed
CVE-2022-41414
was published
Oct 7, 2022
ProTip!
Advisories are also available from the
GraphQL API