GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
73 advisories
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Critical | Unreviewed | CVE-2021-36365 was published May 24, 2022

Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.
Critical | Unreviewed | CVE-2021-36363 was published May 24, 2022

There is a vulnerability of tampering with the kernel in Huawei Smartphone. Successful...
Critical | Unreviewed | CVE-2021-36990 was published May 24, 2022

There is a Kernel crash vulnerability in Huawei Smartphone. Successful exploitation of this...
Critical | Unreviewed | CVE-2021-36989 was published May 24, 2022

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an...
Critical | Unreviewed | CVE-2022-33175 was published Jun 14, 2022

When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation...
Critical | Unreviewed | CVE-2022-32207 was published Jul 8, 2022

The application security module has a vulnerability in permission assignment. Successful...
Critical | Unreviewed | CVE-2022-34737 was published Jul 13, 2022

The AOD module has a vulnerability in permission assignment. Successful exploitation of this...
Critical | Unreviewed | CVE-2022-37003 was published Aug 11, 2022

influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing...
Critical | Unreviewed | CVE-2022-36640 was published Sep 3, 2022

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions...
Critical | Unreviewed | CVE-2022-40109 was published Sep 7, 2022

Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier,...
Critical | Unreviewed | CVE-2022-34824 was published Nov 9, 2022

An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration...
Critical | Unreviewed | CVE-2021-34182 was published Feb 17, 2023

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a...
Critical | Unreviewed | CVE-2023-26918 was published Apr 14, 2023

An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for Windows, which...
Critical | Unreviewed | CVE-2023-23059 was published May 4, 2023

SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be...
Critical | Unreviewed | CVE-2023-29919 was published May 23, 2023

SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method...
Critical | Unreviewed | CVE-2023-29732 was published May 30, 2023

Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. A remote...
Critical | Unreviewed | CVE-2023-33282 was published Jun 7, 2023

An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. An...
Critical | Unreviewed | CVE-2023-31116 was published Jun 7, 2023

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device...
Critical | Unreviewed | CVE-2023-29131 was published Jul 11, 2023

TeleAdapt RoomCast TA-2400 1.0 through 3.1 is vulnerable to Improper Privilege Management: from...
Critical | Unreviewed | CVE-2023-33745 was published Jul 27, 2023

An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control...
Critical | Unreviewed | CVE-2023-31067 was published Sep 11, 2023

An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control...
Critical | Unreviewed | CVE-2023-31068 was published Sep 11, 2023

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured...
Critical | Unreviewed | CVE-2022-4039 was published Sep 22, 2023

TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the ...
Critical | Unreviewed | CVE-2023-27133 was published Oct 17, 2023

TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions...
Critical | Unreviewed | CVE-2022-42150 was published Oct 19, 2023