Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,874
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
741
pip
3,961
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

508 advisories

Loading
Liferay Portal and Liferay DXP Fails to Check Permissions Moderate
CVE-2021-29052 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Drupal Core Access bypass vulnerability Moderate
CVE-2020-13667 was published for drupal/core (Composer) May 24, 2022
Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2 allows remote... Moderate Unreviewed
CVE-2021-26804 was published May 24, 2022
A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.400.3252... Moderate Unreviewed
CVE-2021-3451 was published May 24, 2022
Multiple system services installed alongside the Razer Synapse 3 software suite perform... Moderate Unreviewed
CVE-2021-30494 was published May 24, 2022
Multiple system services installed alongside the Razer Synapse 3 software suite perform... Moderate Unreviewed
CVE-2021-30493 was published May 24, 2022
In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable... Moderate Unreviewed
CVE-2021-0428 was published May 24, 2022
Agents are able to see linked FAQ articles without permissions (defined in FAQ Category). This... Moderate Unreviewed
CVE-2021-21438 was published May 24, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Moderate Unreviewed
CVE-2020-4976 was published May 24, 2022
In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to... Moderate Unreviewed
CVE-2021-0382 was published May 24, 2022
In updateNotifications of DeviceStorageMonitorService.java, there is a possible permission bypass... Moderate Unreviewed
CVE-2021-0381 was published May 24, 2022
A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042... Moderate Unreviewed
CVE-2020-8357 was published May 24, 2022
Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers... Moderate Unreviewed
CVE-2021-25344 was published May 24, 2022
"Tasks" application version before 9.7.3 is affected by insecure permissions. The... Moderate Unreviewed
CVE-2020-22475 was published May 24, 2022
Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and... Moderate Unreviewed
CVE-2021-20653 was published May 24, 2022
Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a... Moderate Unreviewed
CVE-2020-8765 was published May 24, 2022
Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021... Moderate Unreviewed
CVE-2020-8701 was published May 24, 2022
Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of... Moderate Unreviewed
CVE-2020-0524 was published May 24, 2022
When using an object storage like S3 as the file store, when a user creates a public link to a... Moderate Unreviewed
CVE-2020-16144 was published May 24, 2022
Agents are able to see and link Config Items without permissions, which are defined in General... Moderate Unreviewed
CVE-2021-21436 was published May 24, 2022
Incorrect Default Permissions in JetBrains Kotlin Moderate
CVE-2020-29582 was published for org.jetbrains.kotlin:kotlin-stdlib (Maven) May 24, 2022
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API... Moderate Unreviewed
CVE-2020-25208 was published May 24, 2022
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to... Moderate Unreviewed
CVE-2020-26941 was published May 24, 2022
An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base... Moderate Unreviewed
CVE-2020-26031 was published May 24, 2022
Default inheritable capabilities for linux container should be empty Moderate
CVE-2022-29162 was published for github.com/opencontainers/runc (Go) May 24, 2022
AndrewGMorgan
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database