GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
849 advisories
In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a...
Moderate | Unreviewed | CVE-2020-0437 was published May 24, 2022

In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest...
High | Unreviewed | CVE-2020-0485 was published May 24, 2022

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and...
High | Unreviewed | CVE-2020-27568 was published May 24, 2022

In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to...
Moderate | Unreviewed | CVE-2021-0382 was published May 24, 2022

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.
High | Unreviewed | CVE-2022-31500 was published Jun 3, 2022

Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows...
Critical | Unreviewed | CVE-2020-28910 was published May 24, 2022

vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference...
Moderate | Unreviewed | CVE-2020-26679 was published May 24, 2022

In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a...
Moderate | Unreviewed | CVE-2021-0588 was published May 24, 2022

In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing...
Moderate | Unreviewed | CVE-2021-0654 was published May 24, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure...
Moderate | Unreviewed | CVE-2022-25804 was published Jun 10, 2022

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID...
High | Unreviewed | CVE-2020-13534 was published May 24, 2022

In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts...
High | Unreviewed | CVE-2021-0603 was published May 24, 2022

In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a...
Moderate | Unreviewed | CVE-2021-0590 was published May 24, 2022

PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers...
Moderate | Unreviewed | CVE-2022-30747 was published Jun 8, 2022

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious...
High | Unreviewed | CVE-2022-29483 was published Jun 3, 2022

The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default...
High | Unreviewed | CVE-2020-10145 was published May 24, 2022

HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this...
Moderate | Unreviewed | CVE-2021-46811 was published Jun 14, 2022

Octokit gem published with world-writable files
Low | CVE-2022-31072 was published for octokit (RubyGems) Jun 15, 2022

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an...
Critical | Unreviewed | CVE-2022-33175 was published Jun 14, 2022

Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may...
Moderate | Unreviewed | CVE-2022-27500 was published Aug 19, 2022

An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection...
High | Unreviewed | CVE-2022-32562 was published Jun 14, 2022

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner...
High | Unreviewed | CVE-2022-20137 was published Jun 16, 2022

A permission issue affects users that deployed the shipped version of the Checkmk Debian package....
High | Unreviewed | CVE-2022-33912 was published Jun 18, 2022

Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read...
High | Unreviewed | CVE-2021-41637 was published Jun 25, 2022

A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High | Unreviewed | CVE-2021-21912 was published Dec 23, 2021