GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,034 advisories
Filter by severity
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows...
Critical
Unreviewed
CVE-2020-28910
was published
May 24, 2022
vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference...
Moderate
Unreviewed
CVE-2020-26679
was published
May 24, 2022
In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing...
Moderate
Unreviewed
CVE-2021-0654
was published
May 24, 2022
In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a...
Moderate
Unreviewed
CVE-2021-0588
was published
May 24, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure...
Moderate
Unreviewed
CVE-2022-25804
was published
Jun 10, 2022
A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID...
High
Unreviewed
CVE-2020-13534
was published
May 24, 2022
In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts...
High
Unreviewed
CVE-2021-0603
was published
May 24, 2022
In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a...
Moderate
Unreviewed
CVE-2021-0590
was published
May 24, 2022
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers...
Moderate
Unreviewed
CVE-2022-30747
was published
Jun 8, 2022
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious...
High
Unreviewed
CVE-2022-29483
was published
Jun 3, 2022
The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default...
High
Unreviewed
CVE-2020-10145
was published
May 24, 2022
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this...
Moderate
Unreviewed
CVE-2021-46811
was published
Jun 14, 2022
Octokit gem published with world-writable files
Low
CVE-2022-31072
was published
for
octokit
(RubyGems)
Jun 15, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an...
Critical
Unreviewed
CVE-2022-33175
was published
Jun 14, 2022
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may...
Moderate
Unreviewed
CVE-2022-27500
was published
Aug 19, 2022
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection...
High
Unreviewed
CVE-2022-32562
was published
Jun 14, 2022
In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner...
High
Unreviewed
CVE-2022-20137
was published
Jun 16, 2022
A permission issue affects users that deployed the shipped version of the Checkmk Debian package....
High
Unreviewed
CVE-2022-33912
was published
Jun 18, 2022
Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read...
High
Unreviewed
CVE-2021-41637
was published
Jun 25, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High
Unreviewed
CVE-2021-21912
was published
Dec 23, 2021
A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low...
High
Unreviewed
CVE-2022-1833
was published
Jun 22, 2022
Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may...
High
Unreviewed
CVE-2022-26344
was published
Aug 19, 2022
CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the...
High
Unreviewed
CVE-2022-33023
was published
Jun 30, 2022
There is a Unauthorized service in the system service, may cause the system reboot. Since the...
High
Unreviewed
CVE-2022-20435
was published
Oct 12, 2022
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier...
Moderate
Unreviewed
CVE-2022-2366
was published
Jul 13, 2022
ProTip!
Advisories are also available from the
GraphQL API