Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,874
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
741
pip
3,961
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

508 advisories

Loading
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an... Moderate Unreviewed
CVE-2022-42446 was published Dec 12, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication... Moderate Unreviewed
CVE-2022-45118 was published Dec 8, 2022
Incorrect permission checks in Jenkins Support Core Plugin Moderate
CVE-2022-45383 was published for org.jenkins-ci.plugins:support-core (Maven) Nov 16, 2022
NotMyFault
Incorrect Default Permissions in Liferay Portal Moderate
CVE-2022-42128 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
Incorrect Default Permissions in Liferay Portal Moderate
CVE-2022-42127 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
Incorrect Default Permissions in Liferay Portal Moderate
CVE-2022-42130 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02... Moderate Unreviewed
CVE-2022-36367 was published Nov 11, 2022
There is a vulnerability in permission verification during the Bluetooth pairing process.... Moderate Unreviewed
CVE-2022-44548 was published Nov 10, 2022
In dismiss and related functions of KeyguardHostViewController.java and related files, there is a... Moderate Unreviewed
CVE-2022-20465 was published Nov 9, 2022
In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data... Moderate Unreviewed
CVE-2022-20448 was published Nov 9, 2022
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux ... Moderate Unreviewed
CVE-2020-36605 was published Nov 1, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission... Moderate Unreviewed
CVE-2020-5355 was published Oct 21, 2022
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv... Moderate Unreviewed
CVE-2013-4281 was published Oct 19, 2022
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running... Moderate Unreviewed
CVE-2022-36439 was published Oct 18, 2022
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP)... Moderate Unreviewed
CVE-2022-41748 was published Oct 11, 2022
Liferay Portal Insecure Default Configuration in auth.login.prompt.enabled Moderate
CVE-2022-41414 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Oct 7, 2022
parse-server's session object properties can be updated by foreign user if object ID is known Moderate
CVE-2022-39225 was published for parse-server (npm) Sep 21, 2022
A permission bypass vulnerability in Huawei cross device task management could allow an attacker... Moderate Unreviewed
CVE-2021-46834 was published Sep 21, 2022
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with... Moderate Unreviewed
CVE-2022-2528 was published Sep 10, 2022
ansible-runner has default temporary files written to world R/W locations Moderate
CVE-2021-3701 was published for ansible-runner (pip) Aug 24, 2022
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4... Moderate Unreviewed
CVE-2021-44470 was published Aug 19, 2022
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may... Moderate Unreviewed
CVE-2022-27500 was published Aug 19, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4,... Moderate Unreviewed
CVE-2021-39087 was published Aug 17, 2022
In PackageManager, there is a possible installed package disclosure due to a missing permission... Moderate Unreviewed
CVE-2022-20322 was published Aug 13, 2022
In ConnectivityService, there is a possible bypass of network permissions due to a missing... Moderate Unreviewed
CVE-2022-20341 was published Aug 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database