GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,070
Composer 4,319
Erlang 31
GitHub Actions 21
Go 2,077
Maven 5,250
npm 3,746
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,282

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

254 advisories

Filter by severity

Sort by

Least recently updated

The communication module has a vulnerability of improper permission preservation. Successful... Moderate Unreviewed

CVE-2022-31755 was published Jun 14, 2022

Improper validation of permissions for third party application accessing Telephony service API... Moderate Unreviewed

CVE-2021-35079 was published Jun 15, 2022

MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because... Moderate Unreviewed

CVE-2022-32969 was published Jun 30, 2022

IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes... High Unreviewed

CVE-2022-22472 was published Jul 1, 2022

fhir-works-on-aws-authz-smart handles permissions improperly Moderate

CVE-2022-39230 was published for fhir-works-on-aws-authz-smart (npm) Sep 21, 2022

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a... Moderate Unreviewed

CVE-2020-6564 was published May 24, 2022

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not... Moderate Unreviewed

CVE-2022-47547 was published Dec 19, 2022

The PKI keys exported using the command "run request security pki key-pair export" on Junos OS... Low Unreviewed

CVE-2019-0073 was published May 24, 2022

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR... Moderate Unreviewed

CVE-2020-7063 was published May 24, 2022

In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions... Moderate Unreviewed

CVE-2020-13230 was published May 24, 2022

An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to... High Unreviewed

CVE-2022-31262 was published Aug 18, 2022

In core networking, there is a missing permission check. This could lead to local information... Moderate Unreviewed

CVE-2020-0327 was published May 24, 2022

In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed

CVE-2020-0269 was published May 24, 2022

In Telephony, there are possible leaks of sensitive data due to missing permission checks. This... Moderate Unreviewed

CVE-2020-0265 was published May 24, 2022

Dell PowerScale OneFS, versions 9.2.0 up to and including 9.2.1.12 and 9.3.0.5 contain an... Low Unreviewed

CVE-2022-31237 was published Aug 23, 2022

In Settings, there is a possible permissions bypass. This could lead to local information... Moderate Unreviewed

CVE-2020-0331 was published May 24, 2022

Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may... High Unreviewed

CVE-2020-12332 was published May 24, 2022

Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all... High Unreviewed

CVE-2020-12330 was published May 24, 2022

Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow... Moderate Unreviewed

CVE-2020-12353 was published May 24, 2022

Improper permissions in the installer for the Intel(R) Processor Identification Utility before... High Unreviewed

CVE-2020-12335 was published May 24, 2022

Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2... High Unreviewed

CVE-2020-12334 was published May 24, 2022

Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an... High Unreviewed

CVE-2020-24525 was published May 24, 2022

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,... High Unreviewed

CVE-2020-5796 was published May 24, 2022

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC... Moderate Unreviewed

CVE-2021-23963 was published May 24, 2022

If certificates that signed grub are installed into db, grub can be booted directly. It will then... Moderate Unreviewed

CVE-2021-3418 was published May 24, 2022

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

254 advisories