Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
Incorrect Permission Assignment for Critical Resource in Apache hive Low
CVE-2018-1315 was published for org.apache.hive:hive (Maven) Nov 21, 2018
Information Disclosure in Guava Low
CVE-2020-8908 was published for com.google.guava:guava (Maven) Mar 25, 2021
joshbressers
A user without PR can reset user authentication failures information Low
CVE-2021-32729 was published for org.xwiki.platform:xwiki-platform-security-authentication-script (Maven) Jul 2, 2021
Hashicorp Vault Privilege Escalation Vulnerability Low
CVE-2021-41802 was published for github.com/hashicorp/vault (Go) Oct 12, 2021
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local... Low Unreviewed
CVE-2021-25519 was published Dec 9, 2021
Description: A permissions issue was addressed with improved validation. This issue is fixed in... Low Unreviewed
CVE-2022-22599 was published Mar 19, 2022
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to... Low Unreviewed
CVE-2022-24236 was published Mar 22, 2022
BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3)... Low Unreviewed
CVE-2004-1714 was published Apr 29, 2022
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control... Low Unreviewed
CVE-2001-0006 was published Apr 30, 2022
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for... Low Unreviewed
CVE-2005-4868 was published May 1, 2022
Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb... Low Unreviewed
CVE-2008-3789 was published May 2, 2022
XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with... Low Unreviewed
CVE-2009-0141 was published May 2, 2022
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2,... Low Unreviewed
CVE-2009-2948 was published May 2, 2022
common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777... Low Unreviewed
CVE-2009-3611 was published May 2, 2022
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red... Low Unreviewed
CVE-2011-4339 was published May 13, 2022
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable... Low Unreviewed
CVE-2008-4870 was published May 13, 2022
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of... Low Unreviewed
CVE-2019-7729 was published May 13, 2022
Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10,... Low Unreviewed
CVE-2017-15352 was published May 13, 2022
IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it... Low Unreviewed
CVE-2017-1699 was published May 13, 2022
IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a... Low Unreviewed
CVE-2017-1716 was published May 13, 2022
Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before... Low Unreviewed
CVE-2018-12209 was published May 13, 2022
Insufficient access control in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before... Low Unreviewed
CVE-2018-12217 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue... Low Unreviewed
CVE-2018-4238 was published May 13, 2022
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak... Low Unreviewed
CVE-2018-7924 was published May 13, 2022
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users... Low Unreviewed
CVE-2019-2389 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database