GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
There is a permission control vulnerability in the Nearby module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40053
was published
Mar 11, 2022
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows...
Critical
Unreviewed
CVE-2020-28910
was published
May 24, 2022
Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an...
Critical
Unreviewed
CVE-2022-33175
was published
Jun 14, 2022
The application security module has a vulnerability in permission assignment. Successful...
Critical
Unreviewed
CVE-2022-34737
was published
Jul 13, 2022
The AOD module has a vulnerability in permission assignment. Successful exploitation of this...
Critical
Unreviewed
CVE-2022-37003
was published
Aug 11, 2022
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
Critical
Unreviewed
CVE-2022-28932
was published
May 24, 2022
In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg)...
Critical
Unreviewed
CVE-2020-13452
was published
May 24, 2022
Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9...
Critical
Unreviewed
CVE-2021-27193
was published
May 24, 2022
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability....
Critical
Unreviewed
CVE-2020-29492
was published
May 24, 2022
In the Zstandard command-line utility prior to v1.4.1, output files were created with default...
Critical
Unreviewed
CVE-2021-24031
was published
May 24, 2022
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the...
Critical
Unreviewed
CVE-2021-24032
was published
May 24, 2022
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful...
Critical
Unreviewed
CVE-2021-22376
was published
May 24, 2022
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow...
Critical
Unreviewed
CVE-2021-31217
was published
May 24, 2022
In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during...
Critical
Unreviewed
CVE-2021-39274
was published
May 24, 2022
Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.
Critical
Unreviewed
CVE-2021-36363
was published
May 24, 2022
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Critical
Unreviewed
CVE-2021-36365
was published
May 24, 2022
There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this...
Critical
Unreviewed
CVE-2021-36989
was published
May 24, 2022
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful...
Critical
Unreviewed
CVE-2021-36990
was published
May 24, 2022
Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier,...
Critical
Unreviewed
CVE-2022-34824
was published
Nov 9, 2022
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions...
Critical
Unreviewed
CVE-2022-40109
was published
Sep 7, 2022
Incorrect Default Permissions in Apache JSPWiki
Critical
CVE-2021-44140
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Nov 29, 2021
The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file.
Critical
Unreviewed
CVE-2021-44833
was published
Dec 13, 2021
An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product:...
Critical
Unreviewed
CVE-2017-0847
was published
May 13, 2022
During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with...
Critical
Unreviewed
CVE-2017-5642
was published
May 13, 2022
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote...
Critical
Unreviewed
CVE-2021-45003
was published
Jan 11, 2022
ProTip!
Advisories are also available from the
GraphQL API