GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,032 advisories
Filter by severity
SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3)...
Low
Unreviewed
CVE-2005-1941
was published
May 1, 2022
Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with...
High
Unreviewed
CVE-2002-1844
was published
Apr 30, 2022
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home...
Low
Unreviewed
CVE-2002-1713
was published
Apr 30, 2022
Apache Tomcat may be started without proper security settings
High
CVE-2002-0493
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure...
Moderate
Unreviewed
CVE-2001-0497
was published
Apr 30, 2022
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
High
Unreviewed
CVE-1999-0426
was published
Apr 30, 2022
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype...
Moderate
Unreviewed
CVE-2004-1778
was published
Apr 29, 2022
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is...
High
Unreviewed
CVE-2022-29585
was published
Apr 29, 2022
An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. A local attacker...
Moderate
Unreviewed
CVE-2022-28218
was published
Apr 27, 2022
Moodle default permissions too permissive
Moderate
CVE-2012-1157
was published
for
moodle/moodle
(Composer)
Apr 23, 2022
A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175...
Moderate
Unreviewed
CVE-2021-3722
was published
Apr 23, 2022
Incorrect Default Permissions in CRI-O
Moderate
CVE-2022-27652
was published
for
github.com/cri-o/cri-o
(Go)
Apr 22, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the...
High
Unreviewed
CVE-2022-29547
was published
Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager...
High
Unreviewed
CVE-2022-20732
was published
Apr 22, 2022
A improper permission configuration vulnerability in Xiaomi Content Center APP. This...
Moderate
Unreviewed
CVE-2020-14117
was published
Apr 22, 2022
The setup program for the affected product configures its files and folders with full access,...
High
Unreviewed
CVE-2021-43986
was published
Apr 21, 2022
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does...
Moderate
Unreviewed
CVE-2022-26595
was published
Apr 20, 2022
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking...
Moderate
Unreviewed
CVE-2011-1762
was published
Apr 19, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the...
High
Unreviewed
CVE-2021-39794
was published
Apr 13, 2022
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local...
Moderate
Unreviewed
CVE-2022-27840
was published
Apr 12, 2022
Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1...
Moderate
Unreviewed
CVE-2022-27960
was published
Apr 11, 2022
Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security...
Moderate
Unreviewed
CVE-2022-27958
was published
Apr 11, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions...
Moderate
Unreviewed
CVE-2022-26855
was published
Apr 9, 2022
A bug in CmpUserMgr component can lead to only partially applied security policies. This can...
Moderate
Unreviewed
CVE-2022-22518
was published
Apr 8, 2022
Podman's default inheritable capabilities for linux container not empty
High
CVE-2022-27649
was published
for
github.com/containers/podman/v4
(Go)
Apr 1, 2022
ProTip!
Advisories are also available from the
GraphQL API