GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,200

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

349 advisories

Filter by severity

Sort by

Least recently updated

Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions... Moderate Unreviewed

CVE-2021-44216 was published Mar 11, 2022

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission... Moderate Unreviewed

CVE-2021-32006 was published Mar 11, 2022

There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this... Moderate Unreviewed

CVE-2021-40059 was published Mar 11, 2022

Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow... Moderate Unreviewed

CVE-2021-44215 was published Mar 11, 2022

In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a... Moderate Unreviewed

CVE-2021-39705 was published Mar 17, 2022

In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain... Moderate Unreviewed

CVE-2022-25570 was published Mar 22, 2022

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder... Moderate Unreviewed

CVE-2021-22571 was published Mar 19, 2022

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website... Moderate Unreviewed

CVE-2021-44751 was published Mar 26, 2022

The vCenter Server contains an information disclosure vulnerability due to improper permission of... Moderate Unreviewed

CVE-2022-22948 was published Mar 30, 2022

In getCallStateUsingPackage of Telecom Service, there is a missing permission check. This could... Moderate Unreviewed

CVE-2021-39779 was published Mar 31, 2022

In Framework, there is a possible disclosure of the device owner package due to a missing... Moderate Unreviewed

CVE-2021-39770 was published Mar 31, 2022

In InputMethodEditor, there is a possible way to access some files accessible to Settings due to... Moderate Unreviewed

CVE-2021-39748 was published Mar 31, 2022

In Device Policy, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed

CVE-2021-39769 was published Mar 31, 2022

In Settings Provider, there is a possible way to list values of non-readable global settings due... Moderate Unreviewed

CVE-2021-39747 was published Mar 31, 2022

Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security... Moderate Unreviewed

CVE-2022-27958 was published Apr 11, 2022

A bug in CmpUserMgr component can lead to only partially applied security policies. This can... Moderate Unreviewed

CVE-2022-22518 was published Apr 8, 2022

Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions... Moderate Unreviewed

CVE-2022-26855 was published Apr 9, 2022

Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1... Moderate Unreviewed

CVE-2022-27960 was published Apr 11, 2022

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local... Moderate Unreviewed

CVE-2022-27840 was published Apr 12, 2022

Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does... Moderate Unreviewed

CVE-2022-26595 was published Apr 20, 2022

A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking... Moderate Unreviewed

CVE-2011-1762 was published Apr 19, 2022

A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175... Moderate Unreviewed

CVE-2021-3722 was published Apr 23, 2022

A improper permission configuration vulnerability in Xiaomi Content Center APP. This... Moderate Unreviewed

CVE-2020-14117 was published Apr 22, 2022

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to... Moderate Unreviewed

CVE-2020-4270 was published May 24, 2022

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1... Moderate Unreviewed

CVE-2020-13270 was published May 24, 2022

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

349 advisories