GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
937 advisories
Filter by severity
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,...
High
Unreviewed
CVE-2020-8026
was published
May 24, 2022
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning...
High
Unreviewed
CVE-2020-36611
was published
Jan 17, 2023
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40414
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40413
was published
Jan 29, 2022
Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow...
Moderate
Unreviewed
CVE-2021-44215
was published
Mar 11, 2022
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this...
Moderate
Unreviewed
CVE-2021-40059
was published
Mar 11, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this...
High
Unreviewed
CVE-2021-40049
was published
Mar 11, 2022
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission...
Moderate
Unreviewed
CVE-2021-32006
was published
Mar 11, 2022
Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions...
Moderate
Unreviewed
CVE-2021-44216
was published
Mar 11, 2022
There is a permission control vulnerability in the Nearby module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40053
was published
Mar 11, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message...
High
Unreviewed
CVE-2021-39734
was published
Mar 17, 2022
In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a...
Moderate
Unreviewed
CVE-2021-39705
was published
Mar 17, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions...
High
Unreviewed
CVE-2021-39694
was published
Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials...
High
Unreviewed
CVE-2021-39706
was published
Mar 17, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High
Unreviewed
CVE-2021-21910
was published
Dec 23, 2021
In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain...
Moderate
Unreviewed
CVE-2022-25570
was published
Mar 22, 2022
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder...
Moderate
Unreviewed
CVE-2021-22571
was published
Mar 19, 2022
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website...
Moderate
Unreviewed
CVE-2021-44751
was published
Mar 26, 2022
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13...
High
Unreviewed
CVE-2021-44905
was published
Mar 26, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a...
High
Unreviewed
CVE-2021-40904
was published
Mar 27, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect...
High
Unreviewed
CVE-2022-26839
was published
Mar 30, 2022
The vCenter Server contains an information disclosure vulnerability due to improper permission of...
Moderate
Unreviewed
CVE-2022-22948
was published
Mar 30, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High
Unreviewed
CVE-2022-30594
was published
May 13, 2022
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check...
High
Unreviewed
CVE-2021-39639
was published
Dec 16, 2021
In getCallStateUsingPackage of Telecom Service, there is a missing permission check. This could...
Moderate
Unreviewed
CVE-2021-39779
was published
Mar 31, 2022
ProTip!
Advisories are also available from the
GraphQL API