Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,032 advisories

Loading
An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017... High Unreviewed
CVE-2018-7533 was published May 13, 2022
Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has... Moderate Unreviewed
CVE-2011-2859 was published May 13, 2022
The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly... Moderate Unreviewed
CVE-2011-2782 was published May 13, 2022
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions,... Moderate Unreviewed
CVE-2011-1435 was published May 13, 2022
Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to... Moderate Unreviewed
CVE-2017-9505 was published May 13, 2022
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and... High Unreviewed
CVE-2016-5425 was published May 13, 2022
An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default... Moderate Unreviewed
CVE-2019-0683 was published May 13, 2022
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function... Moderate Unreviewed
CVE-2018-14335 was published May 13, 2022
The CorsairService Service in Corsair Utility Engine is installed with insecure default... High Unreviewed
CVE-2018-12441 was published May 13, 2022
SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory,... High Unreviewed
CVE-2018-10604 was published May 13, 2022
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other... Low Unreviewed
CVE-2012-4453 was published May 13, 2022
Moodle Incorrect Default Settings Moderate
CVE-2011-4285 was published for moodle/moodle (Composer) May 13, 2022
It was found that system umask policy is not being honored when creating XDG user directories,... High Unreviewed
CVE-2017-15131 was published May 13, 2022
MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests,... Moderate Unreviewed
CVE-2011-4361 was published May 13, 2022
Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business... High Unreviewed
CVE-2016-3943 was published May 13, 2022
Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering... High Unreviewed
CVE-2015-7378 was published May 13, 2022
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation... High Unreviewed
CVE-2016-6914 was published May 13, 2022
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change... Moderate Unreviewed
CVE-2013-4394 was published May 13, 2022
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder,... High Unreviewed
CVE-2015-7985 was published May 13, 2022
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10... Moderate Unreviewed
CVE-2019-3870 was published May 13, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed
CVE-2022-30594 was published May 13, 2022
In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due... High Unreviewed
CVE-2022-20004 was published May 11, 2022
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive... High Unreviewed
CVE-2022-23802 was published May 7, 2022
Incorrect Default Permissions in Apache Commons FileUpload Low
CVE-2013-0248 was published for commons-fileupload:commons-fileupload (Maven) May 5, 2022
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages... Moderate Unreviewed
CVE-2013-4763 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database