GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,040 advisories

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,...
High, Unreviewed: CVE-2022-3263 was published Sep 25, 2022

In cta, there is a possible way to write permission usage records of an app due to a missing...
High, Unreviewed: CVE-2022-26429 was published Aug 2, 2022

Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a...
Moderate, Unreviewed: CVE-2020-6439 was published May 24, 2022

parse-server's session object properties can be updated by foreign user if object ID is known
Moderate: CVE-2022-39225 was published for parse-server (npm) Sep 21, 2022

In Content, there is a possible way to learn about an account present on the device due to a...
Moderate, Unreviewed: CVE-2022-20294 was published Aug 13, 2022

Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a...
Moderate, Unreviewed: CVE-2020-6431 was published May 24, 2022

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a...
Moderate, Unreviewed: CVE-2020-6488 was published May 24, 2022

Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a...
Moderate, Unreviewed: CVE-2020-6484 was published May 24, 2022

Incorrect default permissions in the Intel(R) Support Android application before version v22.02...
Moderate, Unreviewed: CVE-2022-36367 was published Nov 11, 2022

The preset launcher module has a permission verification vulnerability. Successful exploitation...
High, Unreviewed: CVE-2022-44561 was published Nov 10, 2022

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows...
High, Unreviewed: CVE-2021-37289 was published Aug 23, 2022

plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak...
Moderate, Unreviewed: CVE-2010-4176 was published May 17, 2022

An incorrect default permissions vulnerability was found in the mig-controller. Due to an...
Moderate, Unreviewed: CVE-2021-3948 was published Feb 19, 2022

In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a...
Low, Unreviewed: CVE-2020-0009 was published May 24, 2022

Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions...
High, Unreviewed: CVE-2022-33922 was published Oct 13, 2022

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network...
High, Unreviewed: CVE-2022-0997 was published May 18, 2022

Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of...
High, Unreviewed: CVE-2022-0486 was published May 18, 2022

D-Link DSL-G2452DG HW:T1 FW:ME_2.00 was discovered to contain insecure permissions.
Critical, Unreviewed: CVE-2022-28932 was published May 24, 2022

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions,...
Moderate, Unreviewed: CVE-2018-7822 was published May 24, 2022

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication...
Moderate, Unreviewed: CVE-2022-45118 was published Dec 8, 2022

In PermissionController, there is a possible misunderstanding about the default SMS application's...
Moderate, Unreviewed: CVE-2022-20272 was published Aug 13, 2022

In Core, there is a possible way to start an activity from the background due to a missing...
High, Unreviewed: CVE-2022-20281 was published Aug 13, 2022

In ConnectivityService, there is a possible bypass of network permissions due to a missing...
Moderate, Unreviewed: CVE-2022-20341 was published Aug 13, 2022

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes...
Moderate, Unreviewed: CVE-2019-11738 was published May 24, 2022

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2...
Low, Unreviewed: CVE-2019-17052 was published May 24, 2022