Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

425 advisories

Loading
IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to... Moderate Unreviewed
CVE-2022-46774 was published Mar 15, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.5 before 15.7.8,... Moderate Unreviewed
CVE-2022-3758 was published Mar 10, 2023
Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64... Moderate Unreviewed
CVE-2023-1229 was published Mar 8, 2023
Moodle has Incorrect Default Permissions Moderate
CVE-2021-36397 was published for moodle/moodle (Composer) Mar 7, 2023
Moodle has Incorrect Default Permissions Moderate
CVE-2021-36400 was published for moodle/moodle (Composer) Mar 7, 2023
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R)... Moderate Unreviewed
CVE-2022-33196 was published Feb 16, 2023
CSRF vulnerability in Jenkins Coverity Plugin allow capturing credentials Moderate
CVE-2023-23848 was published for org.jenkins-ci.plugins:synopsys-coverity (Maven) Feb 15, 2023
Synopsys Jenkins Coverity Plugin has Incorrect Default Permissions Moderate
CVE-2023-23850 was published for org.jenkins-ci.plugins:synopsys-coverity (Maven) Feb 15, 2023
In wlan driver, there is a possible missing permission check. This could lead to local... Moderate Unreviewed
CVE-2022-47450 was published Feb 12, 2023
A potential vulnerability in a driver used during manufacturing process on the Ideapad Y700-14ISK... Moderate Unreviewed
CVE-2022-3432 was published Jan 26, 2023
A potential vulnerability in the WMI Setup driver on some consumer Lenovo Notebook devices may... Moderate Unreviewed
CVE-2022-3430 was published Jan 23, 2023
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2023-20043 was published Jan 20, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39083 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39084 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39081 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39082 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39085 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39088 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39086 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39087 was published Jan 4, 2023
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission... Moderate Unreviewed
CVE-2022-20511 was published Dec 20, 2022
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an... Moderate Unreviewed
CVE-2022-42446 was published Dec 12, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication... Moderate Unreviewed
CVE-2022-45118 was published Dec 8, 2022
Incorrect permission checks in Jenkins Support Core Plugin Moderate
CVE-2022-45383 was published for org.jenkins-ci.plugins:support-core (Maven) Nov 16, 2022
NotMyFault
Incorrect Default Permissions in Liferay Portal Moderate
CVE-2022-42127 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database