Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,005 advisories

Loading
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
'Root Service' service implemented in the following Yokogawa Electric products creates some named... High Unreviewed
CVE-2022-22148 was published Mar 12, 2022
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4,... Moderate Unreviewed
CVE-2020-15388 was published Mar 19, 2022
TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user... Moderate Unreviewed
CVE-2022-26247 was published Mar 21, 2022
The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow... High Unreviewed
CVE-2022-24125 was published Mar 21, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to... Low Unreviewed
CVE-2022-24236 was published Mar 22, 2022
Description: A permissions issue was addressed with improved validation. This issue is fixed in... Low Unreviewed
CVE-2022-22599 was published Mar 19, 2022
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... Moderate Unreviewed
CVE-2021-37058 was published Dec 8, 2021
In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission... Moderate Unreviewed
CVE-2021-0931 was published Dec 16, 2021
In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of... Moderate Unreviewed
CVE-2022-23869 was published Mar 31, 2022
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a... Moderate Unreviewed
CVE-2022-0803 was published Apr 6, 2022
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated... High Unreviewed
CVE-2022-26250 was published Apr 7, 2022
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. High Unreviewed
CVE-2022-26281 was published Apr 6, 2022
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default... High Unreviewed
CVE-2021-23244 was published Dec 28, 2021
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system... High Unreviewed
CVE-2022-22516 was published Apr 8, 2022
controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before... High Unreviewed
CVE-2021-46561 was published Feb 8, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1... High Unreviewed
CVE-2022-23448 was published Apr 13, 2022
In multiple locations of MediaProvider.java , there is a possible way to get read/write access to... High Unreviewed
CVE-2021-39795 was published Apr 13, 2022
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges,... High Unreviewed
CVE-2021-42562 was published Jan 13, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code... High Unreviewed
CVE-2022-22958 was published Apr 14, 2022
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications ... Moderate Unreviewed
CVE-2022-21475 was published Apr 20, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11... High Unreviewed
CVE-2021-20264 was published May 24, 2022
Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the... Moderate Unreviewed
CVE-2022-45307 was published Nov 29, 2022
Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the... Moderate Unreviewed
CVE-2022-45305 was published Nov 29, 2022
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings... Moderate Unreviewed
CVE-2021-35248 was published Dec 21, 2021
ProTip! Advisories are also available from the GraphQL API