GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
560 advisories
A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any...
High | Unreviewed | CVE-2019-7656 was published May 24, 2022

Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation...
High | Unreviewed | CVE-2021-43019 was published Nov 24, 2021

The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before...
High | Unreviewed | CVE-2013-0887 was published May 17, 2022

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does...
High | Unreviewed | CVE-2013-0885 was published May 14, 2022

Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication
High | CVE-2022-39219 was published for github.com/brokercap/Bifrost (Go) Sep 27, 2022

browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS,...
High | Unreviewed | CVE-2016-5202 was published May 24, 2022

A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by...
High | Unreviewed | CVE-2020-10699 was published May 24, 2022

In AppWidget, there is a possible way to start an activity from the background due to a missing...
High | Unreviewed | CVE-2022-20282 was published Aug 13, 2022

In Keyguard, there is a missing permission check. This could lead to local escalation of...
High | Unreviewed | CVE-2022-20274 was published Aug 13, 2022

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git...
High | Unreviewed | CVE-2022-38065 was published Dec 21, 2022

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS...
High | Unreviewed | CVE-2019-12577 was published May 24, 2022

A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0.0111 on macOS has been...
High | Unreviewed | CVE-2019-8342 was published May 24, 2022

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open...
High | Unreviewed | CVE-2014-10402 was published May 17, 2022

CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of...
High | Unreviewed | CVE-2022-45193 was published Nov 12, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "...
High | Unreviewed | CVE-2021-42855 was published Mar 11, 2022

CuppaCMS 1.0 is vulnerable to Remote Code Execution (RCE). An authenticated user can control both...
High | Unreviewed | CVE-2022-37190 was published Sep 14, 2022

In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to...
High | Unreviewed | CVE-2022-20398 was published Sep 14, 2022

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker...
High | Unreviewed | CVE-2021-38289 was published Jul 13, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of...
High | Unreviewed | CVE-2022-34891 was published Jul 19, 2022

Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.
High | Unreviewed | CVE-2022-30929 was published Jul 7, 2022

In Car Settings app, the NotificationAccessConfirmationActivity is exported. In...
High | Unreviewed | CVE-2022-20234 was published Jul 14, 2022

Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to...
High | Unreviewed | CVE-2019-9166 was published May 13, 2022

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows...
High | Unreviewed | CVE-2022-33695 was published Jul 13, 2022

A vulnerability has been identified in Xpedition Designer (All versions < VX.2.11). The affected...
High | Unreviewed | CVE-2022-31465 was published Jun 15, 2022

An issue was discovered in TitanFTP (aka Titan FTP) NextGen before 1.2.1050. When installing,...
High | Unreviewed | CVE-2022-34006 was published Jun 20, 2022

ProTip! Advisories are also available from the GraphQL API