Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131 advisories

Loading
A permissions issue existed. This issue was addressed with improved permission validation. This... High Unreviewed
CVE-2021-30827 was published May 24, 2022
A flaw was found in satellite. When giving granular permission related to the organization, other... High Unreviewed
CVE-2021-3414 was published Aug 27, 2022
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service... High Unreviewed
CVE-2021-32465 was published May 24, 2022
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to... High Unreviewed
CVE-2020-15496 was published May 24, 2022
A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified... High Unreviewed
CVE-2021-3523 was published Apr 28, 2022
Improper permissions in the installer for the Intel(R) Computing Improvement Program software... High Unreviewed
CVE-2021-0074 was published May 24, 2022
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability... High Unreviewed
CVE-2020-27383 was published May 24, 2022
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly High Unreviewed
CVE-2021-30482 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before... High Unreviewed
CVE-2021-0077 was published May 24, 2022
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,... High Unreviewed
CVE-2020-5796 was published May 24, 2022
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an... High Unreviewed
CVE-2020-24525 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Processor Identification Utility before... High Unreviewed
CVE-2020-12335 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2... High Unreviewed
CVE-2020-12334 was published May 24, 2022
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may... High Unreviewed
CVE-2020-12332 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all... High Unreviewed
CVE-2020-12330 was published May 24, 2022
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to... High Unreviewed
CVE-2022-31262 was published Aug 18, 2022
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes... High Unreviewed
CVE-2022-22472 was published Jul 1, 2022
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed
CVE-2022-29594 was published Jun 3, 2022
Improper Preservation of Permissions in Apache Struts High
CVE-2019-0233 was published for org.apache.struts:struts2-core (Maven) May 24, 2022
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed
CVE-2021-39622 was published Jan 15, 2022
Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain... High Unreviewed
CVE-2022-24428 was published Apr 9, 2022
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux... High Unreviewed
CVE-2021-3847 was published Apr 3, 2022
In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP... High Unreviewed
CVE-2021-0999 was published Dec 16, 2021
In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a... High Unreviewed
CVE-2021-0985 was published Dec 16, 2021
In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an... High Unreviewed
CVE-2021-1004 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database