GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
521 advisories
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers...
High, Unreviewed, CVE-2022-28999 was published May 24, 2022

In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to...
High, Unreviewed, CVE-2020-0227 was published May 24, 2022

In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing...
High, Unreviewed, CVE-2020-0299 was published May 24, 2022

Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install...
High, Unreviewed, CVE-2022-29376 was published May 24, 2022

In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due...
High, Unreviewed, CVE-2020-0439 was published May 24, 2022

In createInputConsumer of WindowManagerService.java, there is a possible way to block and...
High, Unreviewed, CVE-2020-0475 was published May 24, 2022

In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a...
High, Unreviewed, CVE-2020-0440 was published May 24, 2022

In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing...
High, Unreviewed, CVE-2020-0298 was published May 24, 2022

In onReceive of DcTracker.java, there is a possible way to trigger a provisioning URL and modify...
High, Unreviewed, CVE-2021-0380 was published May 24, 2022

In setNightModeActivated of UiModeManagerService.java, there is a missing permission check. This...
High, Unreviewed, CVE-2021-0389 was published May 24, 2022

A mobile phone of ZTE is impacted by improper access control vulnerability. Due to improper...
High, Unreviewed, CVE-2021-21732 was published May 24, 2022

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation...
High, Unreviewed, CVE-2021-28098 was published May 24, 2022

In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest...
High, Unreviewed, CVE-2020-0485 was published May 24, 2022

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and...
High, Unreviewed, CVE-2020-27568 was published May 24, 2022

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.
High, Unreviewed, CVE-2022-31500 was published Jun 3, 2022

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID...
High, Unreviewed, CVE-2020-13534 was published May 24, 2022

In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts...
High, Unreviewed, CVE-2021-0603 was published May 24, 2022

Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious...
High, Unreviewed, CVE-2022-29483 was published Jun 3, 2022

The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default...
High, Unreviewed, CVE-2020-10145 was published May 24, 2022

An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection...
High, Unreviewed, CVE-2022-32562 was published Jun 14, 2022

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner...
High, Unreviewed, CVE-2022-20137 was published Jun 16, 2022

A permission issue affects users that deployed the shipped version of the Checkmk Debian package....
High, Unreviewed, CVE-2022-33912 was published Jun 18, 2022

Weak access control permissions in MELAG FTP Server 2.2.0.4 allow the "Everyone" group to read...
High, Unreviewed, CVE-2021-41637 was published Jun 25, 2022

A privilege escalation vulnerability exists in the Windows version of installation for Advantech...
High, Unreviewed, CVE-2021-21912 was published Dec 23, 2021

A flaw was found in AMQ Broker Operator 7.9.4 installed via UI using OperatorHub where a low...
High, Unreviewed, CVE-2022-1833 was published Jun 22, 2022

ProTip! Advisories are also available from the GraphQL API.