GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
399 advisories
The default permissions of /dev/kmem in Linux versions before 2.0.36 allow IP spoofing.
High
Unreviewed
CVE-1999-0426
was published
Apr 30, 2022
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is...
High
Unreviewed
CVE-2022-29585
was published
Apr 29, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the...
High
Unreviewed
CVE-2022-29547
was published
Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager...
High
Unreviewed
CVE-2022-20732
was published
Apr 22, 2022
The setup program for the affected product configures its files and folders with full access,...
High
Unreviewed
CVE-2021-43986
was published
Apr 21, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the...
High
Unreviewed
CVE-2021-39794
was published
Apr 13, 2022
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible...
High
Unreviewed
CVE-2021-1000
was published
Mar 31, 2022
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission...
High
Unreviewed
CVE-2021-1033
was published
Mar 31, 2022
In Traceur, there is a possible bypass of developer settings requirements for capturing system...
High
Unreviewed
CVE-2021-39780
was published
Mar 31, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect...
High
Unreviewed
CVE-2022-26839
was published
Mar 30, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a...
High
Unreviewed
CVE-2021-40904
was published
Mar 27, 2022
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13...
High
Unreviewed
CVE-2021-44905
was published
Mar 26, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions...
High
Unreviewed
CVE-2021-39694
was published
Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials...
High
Unreviewed
CVE-2021-39706
was published
Mar 17, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message...
High
Unreviewed
CVE-2021-39734
was published
Mar 17, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this...
High
Unreviewed
CVE-2021-40049
was published
Mar 11, 2022
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure...
High
Unreviewed
CVE-2022-25943
was published
Mar 10, 2022
Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allow attackers to dump the...
High
Unreviewed
CVE-2021-41652
was published
Mar 3, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an...
High
Unreviewed
CVE-2022-23922
was published
Feb 25, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an...
High
Unreviewed
CVE-2022-23104
was published
Feb 25, 2022
Local privilege escalation due to excessive permissions assigned to child processes. The...
High
Unreviewed
CVE-2022-24113
was published
Feb 12, 2022
In checkUriPermission of MediaProvider.java, there is a possible way to gain access to the...
High
Unreviewed
CVE-2021-39662
was published
Feb 12, 2022
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized...
High
Unreviewed
CVE-2021-22817
was published
Feb 11, 2022
Incorrect default permissions in the software installer for the Intel(R) Advisor before version...
High
Unreviewed
CVE-2021-33129
was published
Feb 11, 2022
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an...
High
Unreviewed
CVE-2022-21204
was published
Feb 11, 2022
Advisories are also available from the GraphQL API.