GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,572
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,703
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 234,070

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

992 advisories

Filter by severity

Sort by

Least recently updated

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,... High Unreviewed

CVE-2020-8026 was published May 24, 2022

Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning... High Unreviewed

CVE-2020-36611 was published Jan 17, 2023

An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed

CVE-2021-40413 was published Jan 29, 2022

An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed

CVE-2021-40414 was published Jan 29, 2022

Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow... Moderate Unreviewed

CVE-2021-44215 was published Mar 11, 2022

Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions... Moderate Unreviewed

CVE-2021-44216 was published Mar 11, 2022

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission... Moderate Unreviewed

CVE-2021-32006 was published Mar 11, 2022

There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this... Moderate Unreviewed

CVE-2021-40059 was published Mar 11, 2022

There is a permission control vulnerability in the PMS module. Successful exploitation of this... High Unreviewed

CVE-2021-40049 was published Mar 11, 2022

There is a permission control vulnerability in the Nearby module. Successful exploitation of this... Critical Unreviewed

CVE-2021-40053 was published Mar 11, 2022

In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message... High Unreviewed

CVE-2021-39734 was published Mar 17, 2022

In parse of RoleParser.java, there is a possible way for default apps to get permissions... High Unreviewed

CVE-2021-39694 was published Mar 17, 2022

In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials... High Unreviewed

CVE-2021-39706 was published Mar 17, 2022

In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a... Moderate Unreviewed

CVE-2021-39705 was published Mar 17, 2022

A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed

CVE-2021-21910 was published Dec 23, 2021

In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain... Moderate Unreviewed

CVE-2022-25570 was published Mar 22, 2022

A local attacker could read files from some other users' SA360 reports stored in the /tmp folder... Moderate Unreviewed

CVE-2021-22571 was published Mar 19, 2022

Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13... High Unreviewed

CVE-2021-44905 was published Mar 26, 2022

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website... Moderate Unreviewed

CVE-2021-44751 was published Mar 26, 2022

The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a... High Unreviewed

CVE-2021-40904 was published Mar 27, 2022

The vCenter Server contains an information disclosure vulnerability due to improper permission of... Moderate Unreviewed

CVE-2022-22948 was published Mar 30, 2022

Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect... High Unreviewed

CVE-2022-26839 was published Mar 30, 2022

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed

CVE-2022-30594 was published May 13, 2022

In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check... High Unreviewed

CVE-2021-39639 was published Dec 16, 2021

In getCallStateUsingPackage of Telecom Service, there is a missing permission check. This could... Moderate Unreviewed

CVE-2021-39779 was published Mar 31, 2022

Previous 1 2 3 4 5 … 39 40 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

992 advisories