GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,272
Erlang: 31
GitHub Actions: 21
Go: 2,047
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
1,079 advisories
Permission control vulnerability in the network module. Successful exploitation of this...
High | Unreviewed | CVE-2022-37006 was published Aug 11, 2022

Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers...
High | Unreviewed | CVE-2022-28999 was published May 24, 2022

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to...
Moderate | Unreviewed | CVE-2020-4270 was published May 24, 2022

In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to...
High | Unreviewed | CVE-2020-0227 was published May 24, 2022

In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing...
High | Unreviewed | CVE-2020-0299 was published May 24, 2022

In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due...
High | Unreviewed | CVE-2020-0439 was published May 24, 2022

Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install...
High | Unreviewed | CVE-2022-29376 was published May 24, 2022

Incorrect Default Permissions in JetBrains Kotlin
Moderate | CVE-2020-29582 was published for org.jetbrains.kotlin:kotlin-stdlib (Maven) May 24, 2022

In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a...
High | Unreviewed | CVE-2020-0440 was published May 24, 2022

In createInputConsumer of WindowManagerService.java, there is a possible way to block and...
High | Unreviewed | CVE-2020-0475 was published May 24, 2022

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1...
Moderate | Unreviewed | CVE-2020-13270 was published May 24, 2022

In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing...
High | Unreviewed | CVE-2020-0298 was published May 24, 2022

In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable...
Moderate | Unreviewed | CVE-2021-0428 was published May 24, 2022

Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers...
Moderate | Unreviewed | CVE-2021-25344 was published May 24, 2022

In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify...
High | Unreviewed | CVE-2021-0380 was published May 24, 2022

In setNightModeActivated of UiModeManagerService.java, there is a missing permission check. This...
High | Unreviewed | CVE-2021-0389 was published May 24, 2022

A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper...
High | Unreviewed | CVE-2021-21732 was published May 24, 2022

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation...
High | Unreviewed | CVE-2021-28098 was published May 24, 2022

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform...
Moderate | Unreviewed | CVE-2020-4274 was published May 24, 2022

In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking...
Moderate | Unreviewed | CVE-2020-0137 was published May 24, 2022

In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a...
Moderate | Unreviewed | CVE-2020-0437 was published May 24, 2022

In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest...
High | Unreviewed | CVE-2020-0485 was published May 24, 2022

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and...
High | Unreviewed | CVE-2020-27568 was published May 24, 2022

In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to...
Moderate | Unreviewed | CVE-2021-0382 was published May 24, 2022

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.
High | Unreviewed | CVE-2022-31500 was published Jun 3, 2022

ProTip! Advisories are also available from the GraphQL API.