GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,975
Composer 4,874
Erlang 37
GitHub Actions 36
Go 2,520
Maven 5,970
npm 4,160
NuGet 741
pip 3,961
Pub 12
RubyGems 946
Rust 1,028
Swift 39

Unreviewed advisories

All unreviewed 270,933

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,336 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer... High Unreviewed

CVE-2020-9039 was published May 24, 2022

In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user... Moderate Unreviewed

CVE-2020-0023 was published May 24, 2022

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0... Moderate Unreviewed

CVE-2019-20106 was published May 24, 2022

A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any... High Unreviewed

CVE-2019-7656 was published May 24, 2022

Improper permission or value checking in the CLI console may allow a non-privileged user to... Low Unreviewed

CVE-2019-5593 was published May 24, 2022

ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default... High Unreviewed

CVE-2019-8256 was published May 24, 2022

The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO... High Unreviewed

CVE-2020-9409 was published May 24, 2022

A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report... High Unreviewed

CVE-2021-21957 was published Dec 9, 2021

Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6445 was published May 24, 2022

Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6441 was published May 24, 2022

Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory,... Moderate Unreviewed

CVE-2019-18895 was published May 24, 2022

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92... Moderate Unreviewed

CVE-2020-6456 was published May 24, 2022

Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6446 was published May 24, 2022

An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration,... High Unreviewed

CVE-2019-14510 was published May 24, 2022

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18... High Unreviewed

CVE-2019-3689 was published May 24, 2022

ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2... Low Unreviewed

CVE-2019-17052 was published May 24, 2022

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes... Moderate Unreviewed

CVE-2019-11738 was published May 24, 2022

In ConnectivityService, there is a possible bypass of network permissions due to a missing... Moderate Unreviewed

CVE-2022-20341 was published Aug 13, 2022

In Core, there is a possible way to start an activity from the background due to a missing... High Unreviewed

CVE-2022-20281 was published Aug 13, 2022

In PermissionController, there is a possible misunderstanding about the default SMS application's... Moderate Unreviewed

CVE-2022-20272 was published Aug 13, 2022

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication... Moderate Unreviewed

CVE-2022-45118 was published Dec 8, 2022

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions,... Moderate Unreviewed

CVE-2018-7822 was published May 24, 2022

D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions. Critical Unreviewed

CVE-2022-28932 was published May 24, 2022

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network... High Unreviewed

CVE-2022-0997 was published May 18, 2022

Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of... High Unreviewed

CVE-2022-0486 was published May 18, 2022

Previous 1…48…54 Next

Previous 1 2 … 46 47 48 49 50 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,336 advisories