GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,991
Composer 4,876
Erlang 37
GitHub Actions 36
Go 2,521
Maven 5,974
npm 4,167
NuGet 741
pip 3,963
Pub 12
RubyGems 946
Rust 1,028
Swift 39

Unreviewed advisories

All unreviewed 271,041

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,336 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without... High Unreviewed

CVE-2019-19202 was published May 24, 2022

Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15... High Unreviewed

CVE-2018-17860 was published May 24, 2022

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Low Unreviewed

CVE-2019-14861 was published May 24, 2022

Improper permissions in the installer for the License Server software for Intel? Quartus? Prime... High Unreviewed

CVE-2019-14603 was published May 24, 2022

Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all... High Unreviewed

CVE-2019-14605 was published May 24, 2022

Missing permission check in Jenkins Gerrit Trigger Plugin Moderate

CVE-2019-16552 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) May 24, 2022

Jenkins WebSphere Deployer Plugin missing permission check Moderate

CVE-2019-16559 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) May 24, 2022

Missing permission check in Jenkins Build Failure Analyzer Plugin Moderate

CVE-2019-16554 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022

Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver... High Unreviewed

CVE-2019-11097 was published May 24, 2022

Singularity insecure permissions High

CVE-2019-19724 was published for github.com/sylabs/singularity (Go) May 24, 2022

ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default... High Unreviewed

CVE-2019-8256 was published May 24, 2022

In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a... Low Unreviewed

CVE-2020-0009 was published May 24, 2022

Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an... High Unreviewed

CVE-2020-5196 was published May 24, 2022

Improper permission or value checking in the CLI console may allow a non-privileged user to... Low Unreviewed

CVE-2019-5593 was published May 24, 2022

An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for... Moderate Unreviewed

CVE-2019-17103 was published May 24, 2022

A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any... High Unreviewed

CVE-2019-7656 was published May 24, 2022

Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0... Moderate Unreviewed

CVE-2019-20106 was published May 24, 2022

In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user... Moderate Unreviewed

CVE-2020-0023 was published May 24, 2022

Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer... High Unreviewed

CVE-2020-9039 was published May 24, 2022

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and... High Unreviewed

CVE-2020-3838 was published May 24, 2022

Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15... Moderate Unreviewed

CVE-2020-0508 was published May 24, 2022

OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks High

CVE-2020-9543 was published for manila (pip) May 24, 2022

Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to... Moderate Unreviewed

CVE-2019-4001 was published May 24, 2022

Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file... High Unreviewed

CVE-2020-3766 was published May 24, 2022

Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6431 was published May 24, 2022

Previous 1…11…54 Next

Previous 1 2 … 9 10 11 12 13 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,336 advisories