Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,974
Erlang
29
GitHub Actions
16
Go
1,763
Maven
4,988
npm
3,525
NuGet
615
pip
3,099
Pub
10
RubyGems
834
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

778 advisories

Loading
In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked... Moderate Unreviewed
CVE-2022-24337 was published Feb 26, 2022
In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only... Moderate Unreviewed
CVE-2022-24343 was published Feb 26, 2022
There is an improper permission management vulnerability in the Wallet apps. Successful... Moderate Unreviewed
CVE-2021-37103 was published Feb 26, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an... High Unreviewed
CVE-2022-23922 was published Feb 25, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an... High Unreviewed
CVE-2022-23104 was published Feb 25, 2022
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying... Moderate Unreviewed
CVE-2021-3155 was published Feb 19, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an... Moderate Unreviewed
CVE-2021-3948 was published Feb 19, 2022
In Minetest before 5.4.0, players can add or subtract items from a different player's inventory. Moderate Unreviewed
CVE-2022-24301 was published Feb 15, 2022
Local privilege escalation due to excessive permissions assigned to child processes. The... High Unreviewed
CVE-2022-24113 was published Feb 12, 2022
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious... Critical Unreviewed
CVE-2020-14521 was published Feb 12, 2022
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms... Critical Unreviewed
CVE-2021-39658 was published Feb 12, 2022
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify... Critical Unreviewed
CVE-2021-39635 was published Feb 12, 2022
In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the... High Unreviewed
CVE-2021-39662 was published Feb 12, 2022
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware... Moderate Unreviewed
CVE-2022-23996 was published Feb 12, 2022
Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to... Moderate Unreviewed
CVE-2022-23995 was published Feb 12, 2022
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu... Critical Unreviewed
CVE-2021-20001 was published Feb 12, 2022
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2021-0093 was published Feb 11, 2022
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized... High Unreviewed
CVE-2021-22817 was published Feb 11, 2022
Incorrect default permissions in the software installer for the Intel(R) Advisor before version... High Unreviewed
CVE-2021-33129 was published Feb 11, 2022
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may... Moderate Unreviewed
CVE-2021-33166 was published Feb 11, 2022
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an... High Unreviewed
CVE-2022-21204 was published Feb 11, 2022
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php. Critical Unreviewed
CVE-2021-46093 was published Feb 2, 2022
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server... High Unreviewed
CVE-2021-40397 was published Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1... High Unreviewed
CVE-2021-40396 was published Jan 29, 2022
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially... High Unreviewed
CVE-2021-40388 was published Jan 29, 2022
ProTip! Advisories are also available from the GraphQL API