GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,874
Erlang
37
GitHub Actions
36
Go
2,521
Maven
5,000+
npm
4,163
NuGet
741
pip
3,961
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+
1,336 advisories
Filter by severity
In Vtiger 7.x before 7.2.0, the My Preferences saving functionality allows a user without...
High
Unreviewed
CVE-2019-19202
was published
May 24, 2022
Cloudera CDH has Insecure Permissions because ALL cannot be revoked.This affects 5.x through 5.15...
High
Unreviewed
CVE-2018-17860
was published
May 24, 2022
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an...
Low
Unreviewed
CVE-2019-14861
was published
May 24, 2022
Improper permissions in the installer for the License Server software for Intel? Quartus? Prime...
High
Unreviewed
CVE-2019-14603
was published
May 24, 2022
Improper permissions in the installer for the Intel(R) SCS Platform Discovery Utility, all...
High
Unreviewed
CVE-2019-14605
was published
May 24, 2022
Missing permission check in Jenkins Gerrit Trigger Plugin
Moderate
CVE-2019-16552
was published
for
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
(Maven)
May 24, 2022
Jenkins WebSphere Deployer Plugin missing permission check
Moderate
CVE-2019-16559
was published
for
org.jenkins-ci.plugins:websphere-deployer
(Maven)
May 24, 2022
Missing permission check in Jenkins Build Failure Analyzer Plugin
Moderate
CVE-2019-16554
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
May 24, 2022
Improper directory permissions in the installer for Intel(R) Management Engine Consumer Driver...
High
Unreviewed
CVE-2019-11097
was published
May 24, 2022
Singularity insecure permissions
High
CVE-2019-19724
was published
for
github.com/sylabs/singularity
(Go)
May 24, 2022
ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default...
High
Unreviewed
CVE-2019-8256
was published
May 24, 2022
In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a...
Low
Unreviewed
CVE-2020-0009
was published
May 24, 2022
Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an...
High
Unreviewed
CVE-2020-5196
was published
May 24, 2022
Improper permission or value checking in the CLI console may allow a non-privileged user to...
Low
Unreviewed
CVE-2019-5593
was published
May 24, 2022
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for...
Moderate
Unreviewed
CVE-2019-17103
was published
May 24, 2022
A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any...
High
Unreviewed
CVE-2019-7656
was published
May 24, 2022
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0...
Moderate
Unreviewed
CVE-2019-20106
was published
May 24, 2022
In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user...
Moderate
Unreviewed
CVE-2020-0023
was published
May 24, 2022
Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer...
High
Unreviewed
CVE-2020-9039
was published
May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and...
High
Unreviewed
CVE-2020-3838
was published
May 24, 2022
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15...
Moderate
Unreviewed
CVE-2020-0508
was published
May 24, 2022
OpenStack Manila Unprivileged users can retrieve, use and manipulate share networks
High
CVE-2020-9543
was published
for
manila
(pip)
May 24, 2022
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to...
Moderate
Unreviewed
CVE-2019-4001
was published
May 24, 2022
Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file...
High
Unreviewed
CVE-2020-3766
was published
May 24, 2022
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a...
Moderate
Unreviewed
CVE-2020-6431
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API