GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,077 advisories
In Traceur, there is a possible bypass of developer settings requirements for capturing system...
High | Unreviewed | CVE-2021-39780 was published on Mar 31, 2022
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN...
High | Unreviewed | CVE-2021-39651 was published on Dec 16, 2021
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission...
High | Unreviewed | CVE-2021-1033 was published on Mar 31, 2022
In Framework, there is a possible disclosure of the device owner package due to a missing...
Moderate | Unreviewed | CVE-2021-39770 was published on Mar 31, 2022
In Device Policy, there is a possible way to determine whether an app is installed, without query...
Moderate | Unreviewed | CVE-2021-39769 was published on Mar 31, 2022
In Settings Provider, there is a possible way to list values of non-readable global settings due...
Moderate | Unreviewed | CVE-2021-39747 was published on Mar 31, 2022
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible...
High | Unreviewed | CVE-2021-1000 was published on Mar 31, 2022
In InputMethodEditor, there is a possible way to access some files accessible to Settings due to...
Moderate | Unreviewed | CVE-2021-39748 was published on Mar 31, 2022
Podman's default inheritable capabilities for linux container not empty
High | CVE-2022-27649 was published for github.com/containers/podman/v4 (Go) on Apr 1, 2022
Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security...
Moderate | Unreviewed | CVE-2022-27958 was published on Apr 11, 2022
A bug in CmpUserMgr component can lead to only partially applied security policies. This can...
Moderate | Unreviewed | CVE-2022-22518 was published on Apr 8, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions...
Moderate | Unreviewed | CVE-2022-26855 was published on Apr 9, 2022
Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1...
Moderate | Unreviewed | CVE-2022-27960 was published on Apr 11, 2022
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local...
Moderate | Unreviewed | CVE-2022-27840 was published on Apr 12, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the...
High | Unreviewed | CVE-2021-39794 was published on Apr 13, 2022
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does...
Moderate | Unreviewed | CVE-2022-26595 was published on Apr 20, 2022
A flaw exists in WordPress related to the 'wp-admin/press-this.php' script improperly checking...
Moderate | Unreviewed | CVE-2011-1762 was published on Apr 19, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the...
High | Unreviewed | CVE-2022-29547 was published on Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager...
High | Unreviewed | CVE-2022-20732 was published on Apr 22, 2022
Access to Unix domain socket can lead to privileges escalation in Cilium
High | CVE-2022-29178 was published for github.com/cilium/cilium (Go) on May 24, 2022
Incorrect Default Permissions in CRI-O
Moderate | CVE-2022-27652 was published for github.com/cri-o/cri-o (Go) on Apr 22, 2022
A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175...
Moderate | Unreviewed | CVE-2021-3722 was published on Apr 23, 2022
Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an...
High | Unreviewed | CVE-2022-4020 was published on Nov 28, 2022
Incorrect Default Permissions in Apache Commons FileUpload
Low | CVE-2013-0248 was published for commons-fileupload:commons-fileupload (Maven) on May 5, 2022
An improper permission configuration vulnerability in Xiaomi Content Center APP. This...
Moderate | Unreviewed | CVE-2020-14117 was published on Apr 22, 2022
ProTip! Advisories are also available from the GraphQL API.