Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

445 advisories

Loading
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,... High Unreviewed
CVE-2020-8026 was published May 24, 2022
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning... High Unreviewed
CVE-2020-36611 was published Jan 17, 2023
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40414 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40413 was published Jan 29, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this... High Unreviewed
CVE-2021-40049 was published Mar 11, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message... High Unreviewed
CVE-2021-39734 was published Mar 17, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions... High Unreviewed
CVE-2021-39694 was published Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials... High Unreviewed
CVE-2021-39706 was published Mar 17, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21910 was published Dec 23, 2021
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13... High Unreviewed
CVE-2021-44905 was published Mar 26, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a... High Unreviewed
CVE-2021-40904 was published Mar 27, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect... High Unreviewed
CVE-2022-26839 was published Mar 30, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed
CVE-2022-30594 was published May 13, 2022
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check... High Unreviewed
CVE-2021-39639 was published Dec 16, 2021
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN... High Unreviewed
CVE-2021-39651 was published Dec 16, 2021
In Traceur, there is a possible bypass of developer settings requirements for capturing system... High Unreviewed
CVE-2021-39780 was published Mar 31, 2022
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission... High Unreviewed
CVE-2021-1033 was published Mar 31, 2022
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible... High Unreviewed
CVE-2021-1000 was published Mar 31, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the... High Unreviewed
CVE-2021-39794 was published Apr 13, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the... High Unreviewed
CVE-2022-29547 was published Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager... High Unreviewed
CVE-2022-20732 was published Apr 22, 2022
Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an... High Unreviewed
CVE-2022-4020 was published Nov 28, 2022
Permission control vulnerability in the network module. Successful exploitation of this... High Unreviewed
CVE-2022-37006 was published Aug 11, 2022
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers... High Unreviewed
CVE-2022-28999 was published May 24, 2022
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to... High Unreviewed
CVE-2020-0227 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database