Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,000 advisories

Loading
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows... Critical Unreviewed
CVE-2020-28910 was published May 24, 2022
vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference... Moderate Unreviewed
CVE-2020-26679 was published May 24, 2022
In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing... Moderate Unreviewed
CVE-2021-0654 was published May 24, 2022
In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a... Moderate Unreviewed
CVE-2021-0588 was published May 24, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure... Moderate Unreviewed
CVE-2022-25804 was published Jun 10, 2022
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID... High Unreviewed
CVE-2020-13534 was published May 24, 2022
In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts... High Unreviewed
CVE-2021-0603 was published May 24, 2022
In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a... Moderate Unreviewed
CVE-2021-0590 was published May 24, 2022
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers... Moderate Unreviewed
CVE-2022-30747 was published Jun 8, 2022
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious... High Unreviewed
CVE-2022-29483 was published Jun 3, 2022
The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default... High Unreviewed
CVE-2020-10145 was published May 24, 2022
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this... Moderate Unreviewed
CVE-2021-46811 was published Jun 14, 2022
Octokit gem published with world-writable files Low
CVE-2022-31072 was published for octokit (RubyGems) Jun 15, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an... Critical Unreviewed
CVE-2022-33175 was published Jun 14, 2022
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may... Moderate Unreviewed
CVE-2022-27500 was published Aug 19, 2022
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection... High Unreviewed
CVE-2022-32562 was published Jun 14, 2022
In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner... High Unreviewed
CVE-2022-20137 was published Jun 16, 2022
A permission issue affects users that deployed the shipped version of the Checkmk Debian package.... High Unreviewed
CVE-2022-33912 was published Jun 18, 2022
Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read... High Unreviewed
CVE-2021-41637 was published Jun 25, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21912 was published Dec 23, 2021
A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low... High Unreviewed
CVE-2022-1833 was published Jun 22, 2022
Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may... High Unreviewed
CVE-2022-26344 was published Aug 19, 2022
CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the... High Unreviewed
CVE-2022-33023 was published Jun 30, 2022
There is a Unauthorized service in the system service, may cause the system reboot. Since the... High Unreviewed
CVE-2022-20435 was published Oct 12, 2022
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier... Moderate Unreviewed
CVE-2022-2366 was published Jul 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database