GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,336 advisories
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4,...
Moderate, Unreviewed. CVE-2021-39087 was published Aug 17, 2022.

There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to...
High, Unreviewed. CVE-2021-22311 was published May 24, 2022.

In SELinux policies of mls, there is a missing permission check. This could lead to local...
Low, Unreviewed. CVE-2020-27056 was published May 24, 2022.

A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1). Several folders...
High, Unreviewed. CVE-2020-25245 was published May 24, 2022.

In updateNotifications of DeviceStorageMonitorService.java, there is a possible permission bypass...
Moderate, Unreviewed. CVE-2021-0381 was published May 24, 2022.

Agents are able to see and link Config Items without permissions, which are defined in General...
Moderate, Unreviewed. CVE-2021-21436 was published May 24, 2022.

In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API...
Moderate, Unreviewed. CVE-2020-25208 was published May 24, 2022.

inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain...
High, Unreviewed. CVE-2020-5798 was published May 24, 2022.

A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to...
Moderate, Unreviewed. CVE-2020-26941 was published May 24, 2022.

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High, Unreviewed. CVE-2020-13555 was published May 24, 2022.

Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021...
Moderate, Unreviewed. CVE-2020-8701 was published May 24, 2022.

The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6...
High, Unreviewed. CVE-2020-36233 was published May 24, 2022.

Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of...
Moderate, Unreviewed. CVE-2020-0524 was published May 24, 2022.

upsMonitor in ViewPower (aka ViewPowerHTML) 1.04-21012 through 1.04-21353 has insecure...
High, Unreviewed. CVE-2021-30490 was published Aug 17, 2022.

When using an object storage like S3 as the file store, when a user creates a public link to a...
Moderate, Unreviewed. CVE-2020-16144 was published May 24, 2022.

In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg)...
Critical, Unreviewed. CVE-2020-13452 was published May 24, 2022.

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High, Unreviewed. CVE-2020-13540 was published May 24, 2022.

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High, Unreviewed. CVE-2020-13536 was published May 24, 2022.

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High, Unreviewed. CVE-2020-13537 was published May 24, 2022.

An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base...
Moderate, Unreviewed. CVE-2020-26031 was published May 24, 2022.

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with...
Low, Unreviewed. CVE-2019-8777 was published May 24, 2022.

In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission...
Low, Unreviewed. CVE-2020-27057 was published May 24, 2022.

In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to...
High, Unreviewed. CVE-2020-0486 was published May 24, 2022.

In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission...
Moderate, Unreviewed. CVE-2020-27053 was published May 24, 2022.

In postNotification of ServiceRecord.java, there is a possible permission bypass due to an unsafe...
Moderate, Unreviewed. CVE-2020-27039 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.