GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,205 advisories
"IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to...
High | Unreviewed | CVE-2022-43574 was published Nov 4, 2022
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux ...
Moderate | Unreviewed | CVE-2020-36605 was published Nov 1, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission...
Moderate | Unreviewed | CVE-2020-5355 was published Oct 21, 2022
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv...
Moderate | Unreviewed | CVE-2013-4281 was published Oct 19, 2022
AsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running...
Moderate | Unreviewed | CVE-2022-36439 was published Oct 18, 2022
AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading...
High | Unreviewed | CVE-2022-36438 was published Oct 18, 2022
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed...
High | Unreviewed | CVE-2022-3368 was published Oct 18, 2022
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool...
High | Unreviewed | CVE-2022-42464 was published Oct 14, 2022
The MasterUserEdit API in Atlassian Jira Align Server before version 10.109.2 allows An...
High | Unreviewed | CVE-2022-36803 was published Oct 14, 2022
Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions...
High | Unreviewed | CVE-2022-33922 was published Oct 13, 2022
Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service...
High | Unreviewed | CVE-2022-40187 was published Oct 13, 2022
There is an unauthorized service in the system service. Since the component does not have...
High | Unreviewed | CVE-2022-20436 was published Oct 12, 2022
There is a Unauthorized service in the system service, may cause the system reboot. Since the...
High | Unreviewed | CVE-2022-20435 was published Oct 12, 2022
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP)...
Moderate | Unreviewed | CVE-2022-41748 was published Oct 11, 2022
A vulnerability was discovered in the Remisol Advance v2.0.12.1 and below for the Normand Message...
High | Unreviewed | CVE-2022-26235 was published Oct 6, 2022
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,...
High | Unreviewed | CVE-2022-3263 was published Sep 25, 2022
A permission bypass vulnerability in Huawei cross device task management could allow an attacker...
Moderate | Unreviewed | CVE-2021-46834 was published Sep 21, 2022
A vulnerability on Trend Micro HouseCall version 1.62.1.1133 and below could allow a local...
High | Unreviewed | CVE-2022-38764 was published Sep 20, 2022
A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions <...
High | Unreviewed | CVE-2022-38466 was published Sep 14, 2022
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with...
Moderate | Unreviewed | CVE-2022-2528 was published Sep 10, 2022
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE...
High | Unreviewed | CVE-2022-31251 was published Sep 8, 2022
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions...
Critical | Unreviewed | CVE-2022-40109 was published Sep 7, 2022
A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a...
High | Unreviewed | CVE-2022-2735 was published Sep 7, 2022
influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing...
Critical | Unreviewed | CVE-2022-36640 was published Sep 3, 2022
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which...
High | Unreviewed | CVE-2022-32743 was published Sep 2, 2022
ProTip! Advisories are also available from the GraphQL API