GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,975
Composer 4,874
Erlang 37
GitHub Actions 36
Go 2,520
Maven 5,970
npm 4,160
NuGet 741
pip 3,961
Pub 12
RubyGems 946
Rust 1,028
Swift 39

Unreviewed advisories

All unreviewed 270,914

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,336 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Octokit gem published with world-writable files Low

CVE-2022-31072 was published for octokit (RubyGems) Jun 15, 2022

HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this... Moderate Unreviewed

CVE-2021-46811 was published Jun 14, 2022

The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default... High Unreviewed

CVE-2020-10145 was published May 24, 2022

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious... High Unreviewed

CVE-2022-29483 was published Jun 3, 2022

PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers... Moderate Unreviewed

CVE-2022-30747 was published Jun 8, 2022

In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a... Moderate Unreviewed

CVE-2021-0590 was published May 24, 2022

In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts... High Unreviewed

CVE-2021-0603 was published May 24, 2022

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID... High Unreviewed

CVE-2020-13534 was published May 24, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure... Moderate Unreviewed

CVE-2022-25804 was published Jun 10, 2022

In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing... Moderate Unreviewed

CVE-2021-0654 was published May 24, 2022

In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a... Moderate Unreviewed

CVE-2021-0588 was published May 24, 2022

vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference... Moderate Unreviewed

CVE-2020-26679 was published May 24, 2022

Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows... Critical Unreviewed

CVE-2020-28910 was published May 24, 2022

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions. High Unreviewed

CVE-2022-31500 was published Jun 3, 2022

In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to... Moderate Unreviewed

CVE-2021-0382 was published May 24, 2022

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and... High Unreviewed

CVE-2020-27568 was published May 24, 2022

In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest... High Unreviewed

CVE-2020-0485 was published May 24, 2022

In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a... Moderate Unreviewed

CVE-2020-0437 was published May 24, 2022

In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking... Moderate Unreviewed

CVE-2020-0137 was published May 24, 2022

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform... Moderate Unreviewed

CVE-2020-4274 was published May 24, 2022

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation... High Unreviewed

CVE-2021-28098 was published May 24, 2022

In setNightModeActivated of UiModeManagerService.java, there is a missing permission check. This... High Unreviewed

CVE-2021-0389 was published May 24, 2022

In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify... High Unreviewed

CVE-2021-0380 was published May 24, 2022

A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper... High Unreviewed

CVE-2021-21732 was published May 24, 2022

Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers... Moderate Unreviewed

CVE-2021-25344 was published May 24, 2022

Previous 1…51…54 Next

Previous 1 2 … 49 50 51 52 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,336 advisories