GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
445 advisories
Filter by severity
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2,...
High
Unreviewed
CVE-2020-8026
was published
May 24, 2022
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning...
High
Unreviewed
CVE-2020-36611
was published
Jan 17, 2023
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40413
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40414
was published
Jan 29, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this...
High
Unreviewed
CVE-2021-40049
was published
Mar 11, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions...
High
Unreviewed
CVE-2021-39694
was published
Mar 17, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message...
High
Unreviewed
CVE-2021-39734
was published
Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials...
High
Unreviewed
CVE-2021-39706
was published
Mar 17, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High
Unreviewed
CVE-2021-21910
was published
Dec 23, 2021
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13...
High
Unreviewed
CVE-2021-44905
was published
Mar 26, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a...
High
Unreviewed
CVE-2021-40904
was published
Mar 27, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect...
High
Unreviewed
CVE-2022-26839
was published
Mar 30, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High
Unreviewed
CVE-2022-30594
was published
May 13, 2022
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check...
High
Unreviewed
CVE-2021-39639
was published
Dec 16, 2021
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN...
High
Unreviewed
CVE-2021-39651
was published
Dec 16, 2021
In Traceur, there is a possible bypass of developer settings requirements for capturing system...
High
Unreviewed
CVE-2021-39780
was published
Mar 31, 2022
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission...
High
Unreviewed
CVE-2021-1033
was published
Mar 31, 2022
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible...
High
Unreviewed
CVE-2021-1000
was published
Mar 31, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the...
High
Unreviewed
CVE-2021-39794
was published
Apr 13, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the...
High
Unreviewed
CVE-2022-29547
was published
Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager...
High
Unreviewed
CVE-2022-20732
was published
Apr 22, 2022
Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an...
High
Unreviewed
CVE-2022-4020
was published
Nov 28, 2022
Permission control vulnerability in the network module. Successful exploitation of this...
High
Unreviewed
CVE-2022-37006
was published
Aug 11, 2022
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers...
High
Unreviewed
CVE-2022-28999
was published
May 24, 2022
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to...
High
Unreviewed
CVE-2020-0227
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API