Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,200 advisories

Loading
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect... High Unreviewed
CVE-2022-26839 was published Mar 30, 2022
The vCenter Server contains an information disclosure vulnerability due to improper permission of... Moderate Unreviewed
CVE-2022-22948 was published Mar 30, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a... High Unreviewed
CVE-2021-40904 was published Mar 27, 2022
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website... Moderate Unreviewed
CVE-2021-44751 was published Mar 26, 2022
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13... High Unreviewed
CVE-2021-44905 was published Mar 26, 2022
In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain... Moderate Unreviewed
CVE-2022-25570 was published Mar 22, 2022
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder... Moderate Unreviewed
CVE-2021-22571 was published Mar 19, 2022
In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a... Moderate Unreviewed
CVE-2021-39705 was published Mar 17, 2022
In parse of RoleParser.java, there is a possible way for default apps to get permissions... High Unreviewed
CVE-2021-39694 was published Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials... High Unreviewed
CVE-2021-39706 was published Mar 17, 2022
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message... High Unreviewed
CVE-2021-39734 was published Mar 17, 2022
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission... Moderate Unreviewed
CVE-2021-32006 was published Mar 11, 2022
A flaw was found in the permissions of a log file created by kexec-tools. This flaw allows a... Moderate Unreviewed
CVE-2021-20269 was published Mar 11, 2022
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with... Low Unreviewed
CVE-2021-3981 was published Mar 11, 2022
There is a permission control vulnerability in the PMS module. Successful exploitation of this... High Unreviewed
CVE-2021-40049 was published Mar 11, 2022
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this... Moderate Unreviewed
CVE-2021-40059 was published Mar 11, 2022
There is a permission control vulnerability in the Nearby module. Successful exploitation of this... Critical Unreviewed
CVE-2021-40053 was published Mar 11, 2022
Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions... Moderate Unreviewed
CVE-2021-44216 was published Mar 11, 2022
Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow... Moderate Unreviewed
CVE-2021-44215 was published Mar 11, 2022
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure... High Unreviewed
CVE-2022-25943 was published Mar 10, 2022
Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the... High Unreviewed
CVE-2021-41652 was published Mar 3, 2022
JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin... Moderate Unreviewed
CVE-2021-46270 was published Mar 3, 2022
In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked... Moderate Unreviewed
CVE-2022-24337 was published Feb 26, 2022
In JetBrains YouTrack before 2021.4.31698, a custom logo could be set by a user who has read-only... Moderate Unreviewed
CVE-2022-24343 was published Feb 26, 2022
There is an improper permission management vulnerability in the Wallet apps. Successful... Moderate Unreviewed
CVE-2021-37103 was published Feb 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database