GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,077 advisories
Filter by severity
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
High
Unreviewed
CVE-1999-0426
was published
Apr 30, 2022
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype...
Moderate
Unreviewed
CVE-2004-1778
was published
Apr 29, 2022
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is...
High
Unreviewed
CVE-2022-29585
was published
Apr 29, 2022
An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. A local attacker...
Moderate
Unreviewed
CVE-2022-28218
was published
Apr 27, 2022
Moodle default permissions too permissive
Moderate
CVE-2012-1157
was published
for
moodle/moodle
(Composer)
Apr 23, 2022
A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175...
Moderate
Unreviewed
CVE-2021-3722
was published
Apr 23, 2022
Incorrect Default Permissions in CRI-O
Moderate
CVE-2022-27652
was published
for
github.com/cri-o/cri-o
(Go)
Apr 22, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the...
High
Unreviewed
CVE-2022-29547
was published
Apr 22, 2022
A improper permission configuration vulnerability in Xiaomi Content Center APP. This...
Moderate
Unreviewed
CVE-2020-14117
was published
Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager...
High
Unreviewed
CVE-2022-20732
was published
Apr 22, 2022
The setup program for the affected product configures its files and folders with full access,...
High
Unreviewed
CVE-2021-43986
was published
Apr 21, 2022
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does...
Moderate
Unreviewed
CVE-2022-26595
was published
Apr 20, 2022
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking...
Moderate
Unreviewed
CVE-2011-1762
was published
Apr 19, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the...
High
Unreviewed
CVE-2021-39794
was published
Apr 13, 2022
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local...
Moderate
Unreviewed
CVE-2022-27840
was published
Apr 12, 2022
Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security...
Moderate
Unreviewed
CVE-2022-27958
was published
Apr 11, 2022
Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1...
Moderate
Unreviewed
CVE-2022-27960
was published
Apr 11, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions...
Moderate
Unreviewed
CVE-2022-26855
was published
Apr 9, 2022
A bug in CmpUserMgr component can lead to only partially applied security policies. This can...
Moderate
Unreviewed
CVE-2022-22518
was published
Apr 8, 2022
Podman's default inheritable capabilities for linux container not empty
High
CVE-2022-27649
was published
for
github.com/containers/podman/v4
(Go)
Apr 1, 2022
Non-empty default inheritable capabilities for linux container in Buildah
Moderate
CVE-2022-27651
was published
for
github.com/containers/buildah
(Go)
Apr 1, 2022
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible...
High
Unreviewed
CVE-2021-1000
was published
Mar 31, 2022
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission...
High
Unreviewed
CVE-2021-1033
was published
Mar 31, 2022
In InputMethodEditor, there is a possible way to access some files accessible to Settings due to...
Moderate
Unreviewed
CVE-2021-39748
was published
Mar 31, 2022
In Settings Provider, there is a possible way to list values of non-readable global settings due...
Moderate
Unreviewed
CVE-2021-39747
was published
Mar 31, 2022
ProTip!
Advisories are also available from the
GraphQL API