GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,336 advisories
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers...
Severity: High. Unreviewed. CVE-2022-28999 was published May 24, 2022.
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to...
Severity: Moderate. Unreviewed. CVE-2020-4270 was published May 24, 2022.
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to...
Severity: High. Unreviewed. CVE-2020-0227 was published May 24, 2022.
In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing...
Severity: High. Unreviewed. CVE-2020-0299 was published May 24, 2022.
In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due...
Severity: High. Unreviewed. CVE-2020-0439 was published May 24, 2022.
Incorrect Default Permissions in JetBrains Kotlin
Severity: Moderate. CVE-2020-29582 was published for org.jetbrains.kotlin:kotlin-stdlib (Maven) May 24, 2022.
In createInputConsumer of WindowManagerService.java, there is a possible way to block and...
Severity: High. Unreviewed. CVE-2020-0475 was published May 24, 2022.
In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a...
Severity: High. Unreviewed. CVE-2020-0440 was published May 24, 2022.
Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1...
Severity: Moderate. Unreviewed. CVE-2020-13270 was published May 24, 2022.
In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing...
Severity: High. Unreviewed. CVE-2020-0298 was published May 24, 2022.
In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable...
Severity: Moderate. Unreviewed. CVE-2021-0428 was published May 24, 2022.
Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers...
Severity: Moderate. Unreviewed. CVE-2021-25344 was published May 24, 2022.
In setNightModeActivated of UiModeManagerService.java, there is a missing permission check. This...
Severity: High. Unreviewed. CVE-2021-0389 was published May 24, 2022.
In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify...
Severity: High. Unreviewed. CVE-2021-0380 was published May 24, 2022.
A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper...
Severity: High. Unreviewed. CVE-2021-21732 was published May 24, 2022.
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation...
Severity: High. Unreviewed. CVE-2021-28098 was published May 24, 2022.
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform...
Severity: Moderate. Unreviewed. CVE-2020-4274 was published May 24, 2022.
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking...
Severity: Moderate. Unreviewed. CVE-2020-0137 was published May 24, 2022.
In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest...
Severity: High. Unreviewed. CVE-2020-0485 was published May 24, 2022.
In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a...
Severity: Moderate. Unreviewed. CVE-2020-0437 was published May 24, 2022.
Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and...
Severity: High. Unreviewed. CVE-2020-27568 was published May 24, 2022.
In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to...
Severity: Moderate. Unreviewed. CVE-2021-0382 was published May 24, 2022.
In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.
Severity: High. Unreviewed. CVE-2022-31500 was published Jun 3, 2022.
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows...
Severity: Critical. Unreviewed. CVE-2020-28910 was published May 24, 2022.
vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference...
Severity: Moderate. Unreviewed. CVE-2020-26679 was published May 24, 2022.