Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

517 advisories

Loading
In the default privileges of NFC, there is a possible local bypass of user interaction... High Unreviewed
CVE-2019-2114 was published May 24, 2022
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch... High Unreviewed
CVE-2019-2173 was published May 24, 2022
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration,... High Unreviewed
CVE-2019-14510 was published May 24, 2022
Nix through 2.3 allows local users to gain access to an arbitrary user's account because the... High Unreviewed
CVE-2019-17365 was published May 24, 2022
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates. High Unreviewed
CVE-2015-9477 was published May 24, 2022
The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates. High Unreviewed
CVE-2015-9476 was published May 24, 2022
The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates. High Unreviewed
CVE-2015-9474 was published May 24, 2022
The Pont theme 1.5 for WordPress has insufficient restrictions on option updates. High Unreviewed
CVE-2015-9475 was published May 24, 2022
PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86)%\PCProtect with very weak... High Unreviewed
CVE-2019-16913 was published May 24, 2022
The "CLink4Service" service is installed with Corsair Link 4.9.7.35 with insecure permissions by... High Unreviewed
CVE-2018-19592 was published May 24, 2022
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18... High Unreviewed
CVE-2019-3689 was published May 24, 2022
Some of Dahua's Debug functions do not have permission separation. Low-privileged users can use... High Unreviewed
CVE-2019-9679 was published May 24, 2022
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated... High Unreviewed
CVE-2019-16106 was published May 24, 2022
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions. High Unreviewed
CVE-2019-16186 was published May 24, 2022
In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries... High Unreviewed
CVE-2019-16185 was published May 24, 2022
A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby... High Unreviewed
CVE-2019-7588 was published May 24, 2022
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers... High Unreviewed
CVE-2022-28999 was published May 24, 2022
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install... High Unreviewed
CVE-2022-29376 was published May 24, 2022
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of... High Unreviewed
CVE-2022-0486 was published May 18, 2022
Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network... High Unreviewed
CVE-2022-0997 was published May 18, 2022
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed
CVE-2014-7303 was published May 17, 2022
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed
CVE-2014-7302 was published May 17, 2022
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass... High Unreviewed
CVE-2013-0632 was published May 17, 2022
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of... High Unreviewed
CVE-2018-7535 was published May 13, 2022
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may... High Unreviewed
CVE-2018-12175 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database