GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
388 advisories
Filter by severity
PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for...
Moderate
Unreviewed
CVE-2021-44230
was published
Dec 1, 2021
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone...
Moderate
Unreviewed
CVE-2021-37058
was published
Dec 8, 2021
WebExtensions with the correct permissions were able to create and install ServiceWorkers for...
Moderate
Unreviewed
CVE-2021-43540
was published
Dec 9, 2021
In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission...
Moderate
Unreviewed
CVE-2021-0931
was published
Dec 16, 2021
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings...
Moderate
Unreviewed
CVE-2021-35248
was published
Dec 21, 2021
A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and...
Moderate
Unreviewed
CVE-2021-3557
was published
Feb 17, 2022
WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged...
Moderate
Unreviewed
CVE-2022-25363
was published
Feb 25, 2022
An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write...
Moderate
Unreviewed
CVE-2022-0247
was published
Feb 26, 2022
The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1...
Moderate
Unreviewed
CVE-2020-27958
was published
Feb 27, 2022
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. The...
Moderate
Unreviewed
CVE-2022-26157
was published
Mar 1, 2022
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels...
Moderate
Unreviewed
CVE-2021-3631
was published
Mar 4, 2022
Ericsson Network Manager 20.2 has Insecure Permissions.
Moderate
Unreviewed
CVE-2021-28488
was published
Mar 11, 2022
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4,...
Moderate
Unreviewed
CVE-2020-15388
was published
Mar 19, 2022
TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user...
Moderate
Unreviewed
CVE-2022-26247
was published
Mar 21, 2022
In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of...
Moderate
Unreviewed
CVE-2022-23869
was published
Mar 31, 2022
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a...
Moderate
Unreviewed
CVE-2022-0803
was published
Apr 6, 2022
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications ...
Moderate
Unreviewed
CVE-2022-21475
was published
Apr 20, 2022
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC...
Moderate
Unreviewed
CVE-2021-38483
was published
Apr 21, 2022
On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls...
Moderate
Unreviewed
CVE-2021-23055
was published
Apr 22, 2022
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7...
Moderate
Unreviewed
CVE-2007-5544
was published
May 1, 2022
The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp...
Moderate
Unreviewed
CVE-2008-0884
was published
May 1, 2022
nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which...
Moderate
Unreviewed
CVE-2009-1073
was published
May 2, 2022
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of...
Moderate
Unreviewed
CVE-2009-3289
was published
May 2, 2022
TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions ...
Moderate
Unreviewed
CVE-2009-3482
was published
May 2, 2022
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure...
Moderate
Unreviewed
CVE-2009-3489
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API