Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

218 advisories

Loading
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all... High Unreviewed
CVE-2020-12330 was published May 24, 2022
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may... High Unreviewed
CVE-2020-12332 was published May 24, 2022
In Settings, there is a possible permissions bypass. This could lead to local information... Moderate Unreviewed
CVE-2020-0331 was published May 24, 2022
Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an... Low Unreviewed
CVE-2022-31237 was published Aug 23, 2022
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2020-0269 was published May 24, 2022
In Telephony, there are possible leaks of sensitive data due to missing permission checks. This... Moderate Unreviewed
CVE-2020-0265 was published May 24, 2022
In core networking, there is a missing permission check. This could lead to local information... Moderate Unreviewed
CVE-2020-0327 was published May 24, 2022
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to... High Unreviewed
CVE-2022-31262 was published Aug 18, 2022
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions... Moderate Unreviewed
CVE-2020-13230 was published May 24, 2022
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR... Moderate Unreviewed
CVE-2020-7063 was published May 24, 2022
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS... Low Unreviewed
CVE-2019-0073 was published May 24, 2022
GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not... Moderate Unreviewed
CVE-2022-47547 was published Dec 19, 2022
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a... Moderate Unreviewed
CVE-2020-6564 was published May 24, 2022
fhir-works-on-aws-authz-smart handles permissions improperly Moderate
CVE-2022-39230 was published for fhir-works-on-aws-authz-smart (npm) Sep 21, 2022
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes... High Unreviewed
CVE-2022-22472 was published Jul 1, 2022
MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because... Moderate Unreviewed
CVE-2022-32969 was published Jun 30, 2022
Improper validation of permissions for third party application accessing Telephony service API... Moderate Unreviewed
CVE-2021-35079 was published Jun 15, 2022
The communication module has a vulnerability of improper permission preservation. Successful... Moderate Unreviewed
CVE-2022-31755 was published Jun 14, 2022
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed
CVE-2022-29594 was published Jun 3, 2022
In updateNotification of BeamTransferManager.java, there is a missing permission check. This... Moderate Unreviewed
CVE-2021-0542 was published May 24, 2022
Improper Preservation of Permissions in Apache Struts High
CVE-2019-0233 was published for org.apache.struts:struts2-core (Maven) May 24, 2022
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ... Low Unreviewed
CVE-2021-20263 was published May 24, 2022
Shopware access control list bypassed via crafted specific URLs Moderate
CVE-2022-36102 was published for shopware/shopware (Composer) Sep 16, 2022
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the... Moderate Unreviewed
CVE-2021-43708 was published Apr 22, 2022
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed
CVE-2021-39622 was published Jan 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database