GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
425 advisories
A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175...
Moderate | Unreviewed | CVE-2021-3722 was published Apr 23, 2022

Moodle default permissions too permissive
Moderate | CVE-2012-1157 was published for moodle/moodle (Composer) Apr 23, 2022

An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. A local attacker...
Moderate | Unreviewed | CVE-2022-28218 was published Apr 27, 2022

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype...
Moderate | Unreviewed | CVE-2004-1778 was published Apr 29, 2022

dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure...
Moderate | Unreviewed | CVE-2001-0497 was published Apr 30, 2022

Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages...
Moderate | Unreviewed | CVE-2013-4763 was published May 5, 2022

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10...
Moderate | Unreviewed | CVE-2019-3870 was published May 13, 2022

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change...
Moderate | Unreviewed | CVE-2013-4394 was published May 13, 2022

MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests,...
Moderate | Unreviewed | CVE-2011-4361 was published May 13, 2022

Moodle Incorrect Default Settings
Moderate | CVE-2011-4285 was published for moodle/moodle (Composer) May 13, 2022

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function...
Moderate | Unreviewed | CVE-2018-14335 was published May 13, 2022

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default...
Moderate | Unreviewed | CVE-2019-0683 was published May 13, 2022

Atlassian Confluence starting with 4.3.0 before 6.2.1 did not check if a user had permission to...
Moderate | Unreviewed | CVE-2017-9505 was published May 13, 2022

Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions,...
Moderate | Unreviewed | CVE-2011-1435 was published May 13, 2022

The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly...
Moderate | Unreviewed | CVE-2011-2782 was published May 13, 2022

Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has...
Moderate | Unreviewed | CVE-2011-2859 was published May 13, 2022

It was discovered that sos-collector does not properly set the default permissions of newly...
Moderate | Unreviewed | CVE-2018-14650 was published May 13, 2022

Incorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM)...
Moderate | Unreviewed | CVE-2018-13287 was published May 13, 2022

Incorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM...
Moderate | Unreviewed | CVE-2018-13286 was published May 13, 2022

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages,...
Moderate | Unreviewed | CVE-2017-0369 was published May 13, 2022

Jenkins Build Step Plugin fails to check Item/Build permission
Moderate | CVE-2017-1000089 was published for org.jenkins-ci.plugins:pipeline-build-step (Maven) May 13, 2022

Parameterized Trigger Plugin fails to check Item/Build permission
Moderate | CVE-2017-1000084 was published for org.jenkins-ci.plugins:parameterized-trigger (Maven) May 13, 2022

With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device,...
Moderate | Unreviewed | CVE-2017-5622 was published May 13, 2022

An issue was discovered in Veritas NetBackup Before 7.7 and NetBackup Appliance Before 2.7. There...
Moderate | Unreviewed | CVE-2017-6404 was published May 13, 2022

The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable...
Moderate | Unreviewed | CVE-2017-7761 was published May 13, 2022