Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,159
NuGet
736
pip
3,958
Pub
12
RubyGems
946
Rust
1,027
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,336 advisories

Loading
Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions... High Unreviewed
CVE-2022-33922 was published Oct 13, 2022
In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a... Low Unreviewed
CVE-2020-0009 was published May 24, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an... Moderate Unreviewed
CVE-2021-3948 was published Feb 19, 2022
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak... Moderate Unreviewed
CVE-2010-4176 was published May 17, 2022
Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows... High Unreviewed
CVE-2021-37289 was published Aug 23, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02... Moderate Unreviewed
CVE-2022-36367 was published Nov 11, 2022
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6484 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6488 was published May 24, 2022
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6431 was published May 24, 2022
In Content, there is a possible way to learn about an account present on the device due to a... Moderate Unreviewed
CVE-2022-20294 was published Aug 13, 2022
parse-server's session object properties can be updated by foreign user if object ID is known Moderate
CVE-2022-39225 was published for parse-server (npm) Sep 21, 2022
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6439 was published May 24, 2022
In cta, there is a possible way to write permission usage records of an app due to a missing... High Unreviewed
CVE-2022-26429 was published Aug 2, 2022
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,... High Unreviewed
CVE-2022-3263 was published Sep 25, 2022
An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary... High Unreviewed
CVE-2022-37173 was published Aug 31, 2022
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE... High Unreviewed
CVE-2022-31251 was published Sep 8, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed
CVE-2022-20298 was published Aug 13, 2022
In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to... Moderate Unreviewed
CVE-2022-20312 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20311 was published Aug 13, 2022
In ContentService, there is a possible way to check if the given account exists on the device due... Moderate Unreviewed
CVE-2022-20299 was published Aug 13, 2022
In ContentService, there is a possible disclosure of available account types due to a missing... Low Unreviewed
CVE-2022-20305 was published Aug 13, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed
CVE-2022-20295 was published Aug 13, 2022
In ContentService, there is a possible way to determine if an account is on the device without... Moderate Unreviewed
CVE-2022-20303 was published Aug 13, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed
CVE-2022-20296 was published Aug 13, 2022
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise... Low Unreviewed
CVE-2021-25317 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database