GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
368 advisories
Filter by severity
Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has Insecure Permissions that may allow...
Moderate
Unreviewed
CVE-2021-44215
was published
Mar 11, 2022
There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this...
Moderate
Unreviewed
CVE-2021-40059
was published
Mar 11, 2022
This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Permission...
Moderate
Unreviewed
CVE-2021-32006
was published
Mar 11, 2022
Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions...
Moderate
Unreviewed
CVE-2021-44216
was published
Mar 11, 2022
In getNotificationTag of LegacyVoicemailNotifier.java, there is a possible leak of ICCID due to a...
Moderate
Unreviewed
CVE-2021-39705
was published
Mar 17, 2022
In Click Studios (SA) Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain...
Moderate
Unreviewed
CVE-2022-25570
was published
Mar 22, 2022
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder...
Moderate
Unreviewed
CVE-2021-22571
was published
Mar 19, 2022
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website...
Moderate
Unreviewed
CVE-2021-44751
was published
Mar 26, 2022
The vCenter Server contains an information disclosure vulnerability due to improper permission of...
Moderate
Unreviewed
CVE-2022-22948
was published
Mar 30, 2022
In getCallStateUsingPackage of Telecom Service, there is a missing permission check. This could...
Moderate
Unreviewed
CVE-2021-39779
was published
Mar 31, 2022
In Framework, there is a possible disclosure of the device owner package due to a missing...
Moderate
Unreviewed
CVE-2021-39770
was published
Mar 31, 2022
In InputMethodEditor, there is a possible way to access some files accessible to Settings due to...
Moderate
Unreviewed
CVE-2021-39748
was published
Mar 31, 2022
In Device Policy, there is a possible way to determine whether an app is installed, without query...
Moderate
Unreviewed
CVE-2021-39769
was published
Mar 31, 2022
In Settings Provider, there is a possible way to list values of non-readable global settings due...
Moderate
Unreviewed
CVE-2021-39747
was published
Mar 31, 2022
Insecure permissions configured in the userid parameter at /user/getuserprofile of FEBS-Security...
Moderate
Unreviewed
CVE-2022-27958
was published
Apr 11, 2022
A bug in CmpUserMgr component can lead to only partially applied security policies. This can...
Moderate
Unreviewed
CVE-2022-22518
was published
Apr 8, 2022
Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contains an incorrect default permissions...
Moderate
Unreviewed
CVE-2022-26855
was published
Apr 9, 2022
Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1...
Moderate
Unreviewed
CVE-2022-27960
was published
Apr 11, 2022
Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local...
Moderate
Unreviewed
CVE-2022-27840
was published
Apr 12, 2022
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does...
Moderate
Unreviewed
CVE-2022-26595
was published
Apr 20, 2022
A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking...
Moderate
Unreviewed
CVE-2011-1762
was published
Apr 19, 2022
A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175...
Moderate
Unreviewed
CVE-2021-3722
was published
Apr 23, 2022
A improper permission configuration vulnerability in Xiaomi Content Center APP. This...
Moderate
Unreviewed
CVE-2020-14117
was published
Apr 22, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow a local user to gain escalated privileges due to...
Moderate
Unreviewed
CVE-2020-4270
was published
May 24, 2022
Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1...
Moderate
Unreviewed
CVE-2020-13270
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API