Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
2,891
Erlang
24
GitHub Actions
39
Go
2,240
Maven
2,698
npm
2,899
NuGet
500
pip
2,728
Pub
5
RubyGems
364
Rust
889
Swift
19
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

132 advisories

Loading
In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to... High Unreviewed
CVE-2021-39704 was published Mar 17, 2022
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ... Low Unreviewed
CVE-2021-20263 was published May 24, 2022
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed
CVE-2022-29594 was published Jun 3, 2022
The communication module has a vulnerability of improper permission preservation. Successful... Moderate Unreviewed
CVE-2022-31755 was published Jun 14, 2022
Improper validation of permissions for third party application accessing Telephony service API... Moderate Unreviewed
CVE-2021-35079 was published Jun 15, 2022
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR... Moderate Unreviewed
CVE-2020-7063 was published May 24, 2022
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions... Moderate Unreviewed
CVE-2020-13230 was published May 24, 2022
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to... High Unreviewed
CVE-2022-31262 was published Aug 18, 2022
In core networking, there is a missing permission check. This could lead to local information... Moderate Unreviewed
CVE-2020-0327 was published May 24, 2022
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2020-0269 was published May 24, 2022
In Telephony, there are possible leaks of sensitive data due to missing permission checks. This... Moderate Unreviewed
CVE-2020-0265 was published May 24, 2022
In Settings, there is a possible permissions bypass. This could lead to local information... Moderate Unreviewed
CVE-2020-0331 was published May 24, 2022
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an... High Unreviewed
CVE-2020-24525 was published May 24, 2022
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,... High Unreviewed
CVE-2020-5796 was published May 24, 2022
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly High Unreviewed
CVE-2021-30482 was published May 24, 2022
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to... High Unreviewed
CVE-2020-15496 was published May 24, 2022
ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile... High Unreviewed
CVE-2022-38577 was published Sep 20, 2022
A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in... High Unreviewed
CVE-2019-14841 was published Oct 17, 2022
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x... Low Unreviewed
CVE-2013-6335 was published May 13, 2022
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and... High Unreviewed
CVE-2021-45446 was published Nov 2, 2022
in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write... High Unreviewed
CVE-2023-43612 was published Nov 20, 2023
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file... Moderate Unreviewed
CVE-2020-16910 was published May 24, 2022
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world... Low Unreviewed
CVE-2001-0195 was published Apr 30, 2022
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,... Moderate Unreviewed
CVE-2024-0674 was published Jan 30, 2024
in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get... Low Unreviewed
CVE-2024-22177 was published Apr 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database