GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
490 advisories
Filter by severity
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect...
High
Unreviewed
CVE-2022-26839
was published
Mar 30, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a...
High
Unreviewed
CVE-2021-40904
was published
Mar 27, 2022
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13...
High
Unreviewed
CVE-2021-44905
was published
Mar 26, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions...
High
Unreviewed
CVE-2021-39694
was published
Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials...
High
Unreviewed
CVE-2021-39706
was published
Mar 17, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message...
High
Unreviewed
CVE-2021-39734
was published
Mar 17, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this...
High
Unreviewed
CVE-2021-40049
was published
Mar 11, 2022
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure...
High
Unreviewed
CVE-2022-25943
was published
Mar 10, 2022
Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the...
High
Unreviewed
CVE-2021-41652
was published
Mar 3, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an...
High
Unreviewed
CVE-2022-23922
was published
Feb 25, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an...
High
Unreviewed
CVE-2022-23104
was published
Feb 25, 2022
Local privilege escalation due to excessive permissions assigned to child processes. The...
High
Unreviewed
CVE-2022-24113
was published
Feb 12, 2022
In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the...
High
Unreviewed
CVE-2021-39662
was published
Feb 12, 2022
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized...
High
Unreviewed
CVE-2021-22817
was published
Feb 11, 2022
Incorrect default permissions in the software installer for the Intel(R) Advisor before version...
High
Unreviewed
CVE-2021-33129
was published
Feb 11, 2022
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an...
High
Unreviewed
CVE-2022-21204
was published
Feb 11, 2022
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server...
High
Unreviewed
CVE-2021-40397
was published
Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1...
High
Unreviewed
CVE-2021-40396
was published
Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge...
High
Unreviewed
CVE-2021-40389
was published
Jan 29, 2022
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially...
High
Unreviewed
CVE-2021-40388
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40414
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40413
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40416
was published
Jan 29, 2022
xzs-mysql >= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source...
High
Unreviewed
CVE-2021-46086
was published
Jan 26, 2022
A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows...
High
Unreviewed
CVE-2021-36781
was published
Jan 15, 2022
ProTip!
Advisories are also available from the
GraphQL API