GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,077 advisories
Filter by severity
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,...
High
Unreviewed
CVE-2022-3263
was published
Sep 25, 2022
In cta, there is a possible way to write permission usage records of an app due to a missing...
High
Unreviewed
CVE-2022-26429
was published
Aug 2, 2022
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a...
Moderate
Unreviewed
CVE-2020-6439
was published
May 24, 2022
parse-server's session object properties can be updated by foreign user if object ID is known
Moderate
CVE-2022-39225
was published
for
parse-server
(npm)
Sep 21, 2022
In Content, there is a possible way to learn about an account present on the device due to a...
Moderate
Unreviewed
CVE-2022-20294
was published
Aug 13, 2022
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a...
Moderate
Unreviewed
CVE-2020-6431
was published
May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a...
Moderate
Unreviewed
CVE-2020-6488
was published
May 24, 2022
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a...
Moderate
Unreviewed
CVE-2020-6484
was published
May 24, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02...
Moderate
Unreviewed
CVE-2022-36367
was published
Nov 11, 2022
The preset launcher module has a permission verification vulnerability. Successful exploitation...
High
Unreviewed
CVE-2022-44561
was published
Nov 10, 2022
Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows...
High
Unreviewed
CVE-2021-37289
was published
Aug 23, 2022
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak...
Moderate
Unreviewed
CVE-2010-4176
was published
May 17, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an...
Moderate
Unreviewed
CVE-2021-3948
was published
Feb 19, 2022
In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a...
Low
Unreviewed
CVE-2020-0009
was published
May 24, 2022
Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions...
High
Unreviewed
CVE-2022-33922
was published
Oct 13, 2022
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of...
High
Unreviewed
CVE-2022-0486
was published
May 18, 2022
Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network...
High
Unreviewed
CVE-2022-0997
was published
May 18, 2022
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
Critical
Unreviewed
CVE-2022-28932
was published
May 24, 2022
An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions,...
Moderate
Unreviewed
CVE-2018-7822
was published
May 24, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication...
Moderate
Unreviewed
CVE-2022-45118
was published
Dec 8, 2022
In PermissionController, there is a possible misunderstanding about the default SMS application's...
Moderate
Unreviewed
CVE-2022-20272
was published
Aug 13, 2022
In Core, there is a possible way to start an activity from the background due to a missing...
High
Unreviewed
CVE-2022-20281
was published
Aug 13, 2022
In ConnectivityService, there is a possible bypass of network permissions due to a missing...
Moderate
Unreviewed
CVE-2022-20341
was published
Aug 13, 2022
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes...
Moderate
Unreviewed
CVE-2019-11738
was published
May 24, 2022
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2...
Low
Unreviewed
CVE-2019-17052
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API