GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Serial IO...
High | Unreviewed | CVE-2021-33093 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit audio driver...
High | Unreviewed | CVE-2021-33091 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED...
High | Unreviewed | CVE-2021-33094 was published May 24, 2022
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user...
High | Unreviewed | CVE-2021-27024 was published May 24, 2022
IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non...
High | Unreviewed | CVE-2019-4078 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can...
Moderate | Unreviewed | CVE-2019-9008 was published May 24, 2022
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D...
Moderate | Unreviewed | CVE-2019-5068 was published May 24, 2022
NuGet Package Manager Tampering Vulnerability
Moderate | CVE-2019-0976 was published for NuGet.Commands (NuGet) May 24, 2022
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA...
High | Unreviewed | CVE-2021-22669 was published May 24, 2022
SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running...
High | Unreviewed | CVE-2020-15593 was published May 24, 2022
A vulnerability was found in logrotate in how the state file is created. The state file is used...
Moderate | Unreviewed | CVE-2022-1348 was published May 26, 2022
Missing Authorization in Apache Archiva
Moderate | CVE-2022-29405 was published for org.apache.archiva:archiva (Maven) May 26, 2022
DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via...
Moderate | Unreviewed | CVE-2022-30508 was published May 27, 2022
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a...
High | Unreviewed | CVE-2022-30700 was published May 28, 2022
In telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2022-21749 was published Jun 7, 2022
In telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2022-21748 was published Jun 7, 2022
Within the Service Desk module of the ITarian platform (SAAS and on-premise), a remote attacker...
High | Unreviewed | CVE-2022-25151 was published Jun 10, 2022
The Log WP_Mail WordPress plugin through 0.1 saves sent email in a publicly accessible directory...
High | Unreviewed | CVE-2022-1412 was published Jun 14, 2022
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have...
Moderate | Unreviewed | CVE-2021-40649 was published Jun 15, 2022
A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected...
High | Unreviewed | CVE-2022-31465 was published Jun 15, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local,...
High | Unreviewed | CVE-2022-28226 was published Jun 16, 2022
In universal forwarder versions before 9.0, management services are available remotely by default...
High | Unreviewed | CVE-2022-32155 was published Jun 16, 2022
An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing,...
High | Unreviewed | CVE-2022-34006 was published Jun 20, 2022
Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640...
Moderate | Unreviewed | CVE-2022-1596 was published Jun 22, 2022
Insecure permissions in OneBlog v2.3.4 allows low-level administrators to reset the passwords of...
Moderate | Unreviewed | CVE-2022-34012 was published Jun 24, 2022
ProTip! Advisories are also available from the GraphQL API.