Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

519 advisories

Loading
Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may... High Unreviewed
CVE-2022-26344 was published Aug 19, 2022
CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the... High Unreviewed
CVE-2022-33023 was published Jun 30, 2022
There is a Unauthorized service in the system service, may cause the system reboot. Since the... High Unreviewed
CVE-2022-20435 was published Oct 12, 2022
When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants... High Unreviewed
CVE-2021-41635 was published Jun 25, 2022
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2... High Unreviewed
CVE-2022-34043 was published Jun 30, 2022
There is an unauthorized service in the system service. Since the component does not have... High Unreviewed
CVE-2022-20436 was published Oct 12, 2022
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a... High Unreviewed
CVE-2022-33996 was published Jul 8, 2022
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE... High Unreviewed
CVE-2022-31251 was published Sep 8, 2022
An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary... High Unreviewed
CVE-2022-37173 was published Aug 31, 2022
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,... High Unreviewed
CVE-2022-3263 was published Sep 25, 2022
In cta, there is a possible way to write permission usage records of an app due to a missing... High Unreviewed
CVE-2022-26429 was published Aug 2, 2022
The preset launcher module has a permission verification vulnerability. Successful exploitation... High Unreviewed
CVE-2022-44561 was published Nov 10, 2022
Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows... High Unreviewed
CVE-2021-37289 was published Aug 23, 2022
Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions... High Unreviewed
CVE-2022-33922 was published Oct 13, 2022
Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network... High Unreviewed
CVE-2022-0997 was published May 18, 2022
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of... High Unreviewed
CVE-2022-0486 was published May 18, 2022
In Core, there is a possible way to start an activity from the background due to a missing... High Unreviewed
CVE-2022-20281 was published Aug 13, 2022
The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18... High Unreviewed
CVE-2019-3689 was published May 24, 2022
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration,... High Unreviewed
CVE-2019-14510 was published May 24, 2022
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report... High Unreviewed
CVE-2021-21957 was published Dec 9, 2021
The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO... High Unreviewed
CVE-2020-9409 was published May 24, 2022
ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default... High Unreviewed
CVE-2019-8256 was published May 24, 2022
A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any... High Unreviewed
CVE-2019-7656 was published May 24, 2022
Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer... High Unreviewed
CVE-2020-9039 was published May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and... High Unreviewed
CVE-2020-3838 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database