Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

463 advisories

Loading
Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data... High Unreviewed
CVE-2018-6683 was published May 13, 2022
An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017... High Unreviewed
CVE-2018-7533 was published May 13, 2022
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and... High Unreviewed
CVE-2016-5425 was published May 13, 2022
The CorsairService Service in Corsair Utility Engine is installed with insecure default... High Unreviewed
CVE-2018-12441 was published May 13, 2022
SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory,... High Unreviewed
CVE-2018-10604 was published May 13, 2022
It was found that system umask policy is not being honored when creating XDG user directories,... High Unreviewed
CVE-2017-15131 was published May 13, 2022
Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering... High Unreviewed
CVE-2015-7378 was published May 13, 2022
Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business... High Unreviewed
CVE-2016-3943 was published May 13, 2022
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation... High Unreviewed
CVE-2016-6914 was published May 13, 2022
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder,... High Unreviewed
CVE-2015-7985 was published May 13, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed
CVE-2022-30594 was published May 13, 2022
In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due... High Unreviewed
CVE-2022-20004 was published May 11, 2022
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive... High Unreviewed
CVE-2022-23802 was published May 7, 2022
Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with... High Unreviewed
CVE-2002-1844 was published Apr 30, 2022
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. High Unreviewed
CVE-1999-0426 was published Apr 30, 2022
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is... High Unreviewed
CVE-2022-29585 was published Apr 29, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the... High Unreviewed
CVE-2022-29547 was published Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager... High Unreviewed
CVE-2022-20732 was published Apr 22, 2022
The setup program for the affected product configures its files and folders with full access,... High Unreviewed
CVE-2021-43986 was published Apr 21, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the... High Unreviewed
CVE-2021-39794 was published Apr 13, 2022
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible... High Unreviewed
CVE-2021-1000 was published Mar 31, 2022
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission... High Unreviewed
CVE-2021-1033 was published Mar 31, 2022
In Traceur, there is a possible bypass of developer settings requirements for capturing system... High Unreviewed
CVE-2021-39780 was published Mar 31, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect... High Unreviewed
CVE-2022-26839 was published Mar 30, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a... High Unreviewed
CVE-2021-40904 was published Mar 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database