Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

380 advisories

Loading
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4,... Moderate Unreviewed
CVE-2020-15388 was published Mar 19, 2022
TMS v2.28.0 contains an insecure permissions vulnerability via the component /TMS/admin/user... Moderate Unreviewed
CVE-2022-26247 was published Mar 21, 2022
There is a Permissions,Privileges,and Access Controls vulnerability in Huawei Smartphone... Moderate Unreviewed
CVE-2021-37058 was published Dec 8, 2021
In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission... Moderate Unreviewed
CVE-2021-0931 was published Dec 16, 2021
In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of... Moderate Unreviewed
CVE-2022-23869 was published Mar 31, 2022
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a... Moderate Unreviewed
CVE-2022-0803 was published Apr 6, 2022
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications ... Moderate Unreviewed
CVE-2022-21475 was published Apr 20, 2022
Insecure permissions in Chocolatey Python3 package v3.11.0 and below grants all users in the... Moderate Unreviewed
CVE-2022-45305 was published Nov 29, 2022
Insecure permissions in Chocolatey PHP package v8.1.12 and below grants all users in the... Moderate Unreviewed
CVE-2022-45307 was published Nov 29, 2022
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings... Moderate Unreviewed
CVE-2021-35248 was published Dec 21, 2021
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all... Moderate Unreviewed
CVE-2022-45306 was published Nov 29, 2022
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of... Moderate Unreviewed
CVE-2018-4051 was published May 13, 2022
Insecure permissions in Chocolatey Ruby package v3.1.2.1 and below grants all users in the... Moderate Unreviewed
CVE-2022-45301 was published Nov 29, 2022
In SonicWall SonicOS, administrators without full permissions can download imported certificates.... Moderate Unreviewed
CVE-2018-9867 was published May 13, 2022
Insecure permissions in Chocolatey Cmder package v1.3.20 and below grants all users in the... Moderate Unreviewed
CVE-2022-45304 was published Nov 29, 2022
An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An... Moderate Unreviewed
CVE-2021-27760 was published May 7, 2022
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly. Moderate Unreviewed
CVE-2021-25778 was published May 24, 2022
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for... Moderate Unreviewed
CVE-2021-25775 was published May 24, 2022
In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to... Moderate Unreviewed
CVE-2021-30487 was published May 24, 2022
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked... Moderate Unreviewed
CVE-2021-25768 was published May 24, 2022
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the... Moderate Unreviewed
CVE-2021-30478 was published May 24, 2022
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the... Moderate Unreviewed
CVE-2021-30479 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 6.2.7.8 , 6.2.7.9, 7.0.3.0, 7.0.4.0, 7.0.5.4, 7.1.0... Moderate Unreviewed
CVE-2021-29711 was published May 24, 2022
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.... Moderate Unreviewed
CVE-2021-30156 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database