Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
lakeFS vulnerable to authenticated users deleting files they are not authorized to delete High
GHSA-28q9-9c3g-v3f9 was published for github.com/treeverse/lakefs (Go) Sep 23, 2022
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure... High Unreviewed
CVE-2022-24618 was published Mar 11, 2022
In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic... High Unreviewed
CVE-2021-39695 was published Mar 17, 2022
In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to... High Unreviewed
CVE-2021-39704 was published Mar 17, 2022
In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external... High Unreviewed
CVE-2021-39697 was published Mar 17, 2022
In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without... High Unreviewed
CVE-2021-0965 was published Dec 16, 2021
In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an... High Unreviewed
CVE-2021-1004 was published Dec 16, 2021
In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a... High Unreviewed
CVE-2021-0985 was published Dec 16, 2021
In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP... High Unreviewed
CVE-2021-0999 was published Dec 16, 2021
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux... High Unreviewed
CVE-2021-3847 was published Apr 3, 2022
Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain... High Unreviewed
CVE-2022-24428 was published Apr 9, 2022
A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions ... High Unreviewed
CVE-2022-38473 was published Dec 22, 2022
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed
CVE-2021-39622 was published Jan 15, 2022
Improper Preservation of Permissions in Apache Struts High
CVE-2019-0233 was published for org.apache.struts:struts2-core (Maven) May 24, 2022
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed
CVE-2022-29594 was published Jun 3, 2022
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes... High Unreviewed
CVE-2022-22472 was published Jul 1, 2022
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to... High Unreviewed
CVE-2022-31262 was published Aug 18, 2022
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all... High Unreviewed
CVE-2020-12330 was published May 24, 2022
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may... High Unreviewed
CVE-2020-12332 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Processor Identification Utility before... High Unreviewed
CVE-2020-12335 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2... High Unreviewed
CVE-2020-12334 was published May 24, 2022
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an... High Unreviewed
CVE-2020-24525 was published May 24, 2022
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,... High Unreviewed
CVE-2020-5796 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before... High Unreviewed
CVE-2021-0077 was published May 24, 2022
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly High Unreviewed
CVE-2021-30482 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database