GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,080 advisories
Filter by severity
The application security module has a vulnerability in permission assignment. Successful...
Critical
Unreviewed
CVE-2022-34737
was published
Jul 13, 2022
When installed as Windows service MELAG FTP Server 2.2.0.4 is run as SYSTEM user, which grants...
High
Unreviewed
CVE-2021-41635
was published
Jun 25, 2022
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2...
High
Unreviewed
CVE-2022-34043
was published
Jun 30, 2022
There is an unauthorized service in the system service. Since the component does not have...
High
Unreviewed
CVE-2022-20436
was published
Oct 12, 2022
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a...
High
Unreviewed
CVE-2022-33996
was published
Jul 8, 2022
Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1...
Low
Unreviewed
CVE-2022-30753
was published
Jul 13, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5,...
Moderate
Unreviewed
CVE-2022-2270
was published
Jul 2, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a...
Low
Unreviewed
CVE-2022-20310
was published
Aug 13, 2022
In Content, there is a possible way to check if the given account exists on the device due to a...
Moderate
Unreviewed
CVE-2022-20300
was published
Aug 13, 2022
Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows...
Moderate
Unreviewed
CVE-2022-30758
was published
Jul 13, 2022
In Content, there is a possible way to check if an account exists on the device due to a missing...
Moderate
Unreviewed
CVE-2022-20301
was published
Aug 13, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from...
Moderate
Unreviewed
CVE-2022-22424
was published
Jul 21, 2022
In ActivityManager, there is a possible disclosure of installed packages due to a missing...
Low
Unreviewed
CVE-2022-20315
was published
Aug 13, 2022
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise...
Low
Unreviewed
CVE-2021-25317
was published
May 24, 2022
The AOD module has a vulnerability in permission assignment. Successful exploitation of this...
Critical
Unreviewed
CVE-2022-37003
was published
Aug 11, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a...
Moderate
Unreviewed
CVE-2022-20296
was published
Aug 13, 2022
In ContentService, there is a possible way to determine if an account is on the device without...
Moderate
Unreviewed
CVE-2022-20303
was published
Aug 13, 2022
In ContentService, there is a possible disclosure of available account types due to a missing...
Low
Unreviewed
CVE-2022-20305
was published
Aug 13, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a...
Moderate
Unreviewed
CVE-2022-20295
was published
Aug 13, 2022
In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to...
Moderate
Unreviewed
CVE-2022-20312
was published
Aug 13, 2022
In ContentService, there is a possible way to check if the given account exists on the device due...
Moderate
Unreviewed
CVE-2022-20299
was published
Aug 13, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a...
Moderate
Unreviewed
CVE-2022-20298
was published
Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a...
Low
Unreviewed
CVE-2022-20311
was published
Aug 13, 2022
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE...
High
Unreviewed
CVE-2022-31251
was published
Sep 8, 2022
An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary...
High
Unreviewed
CVE-2022-37173
was published
Aug 31, 2022
ProTip!
Advisories are also available from the
GraphQL API