GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
106 advisories
lakeFS vulnerable to authenticated users deleting files they are not authorized to delete
High | GHSA-28q9-9c3g-v3f9 was published for github.com/treeverse/lakefs (Go) | Sep 23, 2022

Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure...
High | Unreviewed | CVE-2022-24618 was published Mar 11, 2022

In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic...
High | Unreviewed | CVE-2021-39695 was published Mar 17, 2022

In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to...
High | Unreviewed | CVE-2021-39704 was published Mar 17, 2022

In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external...
High | Unreviewed | CVE-2021-39697 was published Mar 17, 2022

In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without...
High | Unreviewed | CVE-2021-0965 was published Dec 16, 2021

In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an...
High | Unreviewed | CVE-2021-1004 was published Dec 16, 2021

In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a...
High | Unreviewed | CVE-2021-0985 was published Dec 16, 2021

In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP...
High | Unreviewed | CVE-2021-0999 was published Dec 16, 2021

An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux...
High | Unreviewed | CVE-2021-3847 was published Apr 3, 2022

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain...
High | Unreviewed | CVE-2022-24428 was published Apr 9, 2022

In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission...
High | Unreviewed | CVE-2021-39622 was published Jan 15, 2022

Improper Preservation of Permissions in Apache Struts
High | CVE-2019-0233 was published for org.apache.struts:struts2-core (Maven) | May 24, 2022

eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM.
High | Unreviewed | CVE-2022-29594 was published Jun 3, 2022

IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes...
High | Unreviewed | CVE-2022-22472 was published Jul 1, 2022

An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to...
High | Unreviewed | CVE-2022-31262 was published Aug 18, 2022

Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all...
High | Unreviewed | CVE-2020-12330 was published May 24, 2022

Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may...
High | Unreviewed | CVE-2020-12332 was published May 24, 2022

Improper permissions in the installer for the Intel(R) Processor Identification Utility before...
High | Unreviewed | CVE-2020-12335 was published May 24, 2022

Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2...
High | Unreviewed | CVE-2020-12334 was published May 24, 2022

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an...
High | Unreviewed | CVE-2020-24525 was published May 24, 2022

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,...
High | Unreviewed | CVE-2020-5796 was published May 24, 2022

Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before...
High | Unreviewed | CVE-2021-0077 was published May 24, 2022

In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly
High | Unreviewed | CVE-2021-30482 was published May 24, 2022

Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability...
High | Unreviewed | CVE-2020-27383 was published May 24, 2022