GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
832 advisories
Filter by severity
Incorrect Default Permissions in keyring
Moderate
CVE-2012-5578
was published
for
keyring
(pip)
Mar 10, 2020
Incorrect Default Permissions in keyring
High
CVE-2012-5577
was published
for
keyring
(pip)
Mar 11, 2020
JSNAPy allows unprivileged local users to alter files under the directory
Moderate
CVE-2018-0023
was published
for
jsnapy
(pip)
Jul 12, 2018
netaddr before 1.5.3 and 2.0.4 has Incorrect Default Permissions
Critical
CVE-2019-17383
was published
for
netaddr
(RubyGems)
Oct 14, 2019
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,...
High
Unreviewed
CVE-2020-8026
was published
May 24, 2022
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning...
High
Unreviewed
CVE-2020-36611
was published
Jan 17, 2023
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40413
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40414
was published
Jan 29, 2022
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this...
Moderate
Unreviewed
CVE-2021-40059
was published
Mar 11, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this...
High
Unreviewed
CVE-2021-40049
was published
Mar 11, 2022
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission...
Moderate
Unreviewed
CVE-2021-32006
was published
Mar 11, 2022
Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions...
Moderate
Unreviewed
CVE-2021-44216
was published
Mar 11, 2022
Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow...
Moderate
Unreviewed
CVE-2021-44215
was published
Mar 11, 2022
There is a permission control vulnerability in the Nearby module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40053
was published
Mar 11, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message...
High
Unreviewed
CVE-2021-39734
was published
Mar 17, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions...
High
Unreviewed
CVE-2021-39694
was published
Mar 17, 2022
In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a...
Moderate
Unreviewed
CVE-2021-39705
was published
Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials...
High
Unreviewed
CVE-2021-39706
was published
Mar 17, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High
Unreviewed
CVE-2021-21910
was published
Dec 23, 2021
In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain...
Moderate
Unreviewed
CVE-2022-25570
was published
Mar 22, 2022
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder...
Moderate
Unreviewed
CVE-2021-22571
was published
Mar 19, 2022
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website...
Moderate
Unreviewed
CVE-2021-44751
was published
Mar 26, 2022
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13...
High
Unreviewed
CVE-2021-44905
was published
Mar 26, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a...
High
Unreviewed
CVE-2021-40904
was published
Mar 27, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect...
High
Unreviewed
CVE-2022-26839
was published
Mar 30, 2022
ProTip!
Advisories are also available from the
GraphQL API