Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,288 advisories

Loading
Local privilege escalation due to excessive permissions assigned to child processes. The... High Unreviewed
CVE-2022-24113 was published Feb 12, 2022
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious... Critical Unreviewed
CVE-2020-14521 was published Feb 12, 2022
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify... Critical Unreviewed
CVE-2021-39635 was published Feb 12, 2022
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms... Critical Unreviewed
CVE-2021-39658 was published Feb 12, 2022
In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the... High Unreviewed
CVE-2021-39662 was published Feb 12, 2022
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware... Moderate Unreviewed
CVE-2022-23996 was published Feb 12, 2022
Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to... Moderate Unreviewed
CVE-2022-23995 was published Feb 12, 2022
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu... Critical Unreviewed
CVE-2021-20001 was published Feb 12, 2022
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged... Moderate Unreviewed
CVE-2021-0093 was published Feb 11, 2022
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized... High Unreviewed
CVE-2021-22817 was published Feb 11, 2022
Incorrect default permissions in the software installer for the Intel(R) Advisor before version... High Unreviewed
CVE-2021-33129 was published Feb 11, 2022
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may... Moderate Unreviewed
CVE-2021-33166 was published Feb 11, 2022
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an... High Unreviewed
CVE-2022-21204 was published Feb 11, 2022
Incorrect Default Permissions in Apache Tomcat High
CVE-2020-8022 was published for org.apache.tomcat:tomcat (Maven) Feb 9, 2022 withdrawn
westonsteimel
Incorrect Default Permissions in Apache DolphinScheduler High
CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler-api (Maven) Feb 9, 2022
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php. Critical Unreviewed
CVE-2021-46093 was published Feb 2, 2022
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server... High Unreviewed
CVE-2021-40397 was published Jan 29, 2022
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially... High Unreviewed
CVE-2021-40388 was published Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1... High Unreviewed
CVE-2021-40396 was published Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge... High Unreviewed
CVE-2021-40389 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40416 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... Moderate Unreviewed
CVE-2021-40415 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40413 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40414 was published Jan 29, 2022
OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high... Moderate Unreviewed
CVE-2021-46085 was published Jan 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database