GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
521 advisories
Filter by severity
There is a permission control vulnerability in the PMS module. Successful exploitation of this...
High
Unreviewed
CVE-2021-40049
was published
Mar 11, 2022
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure...
High
Unreviewed
CVE-2022-25943
was published
Mar 10, 2022
Insecure permissions in the file database.sdb of BatFlat CMS v1.3.6 allows attackers to dump the...
High
Unreviewed
CVE-2021-41652
was published
Mar 3, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an...
High
Unreviewed
CVE-2022-23922
was published
Feb 25, 2022
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an...
High
Unreviewed
CVE-2022-23104
was published
Feb 25, 2022
Incorrect Default Permissions in Cobbler
High
CVE-2021-45083
was published
for
cobbler
(pip)
Feb 21, 2022
Local privilege escalation due to excessive permissions assigned to child processes. The...
High
Unreviewed
CVE-2022-24113
was published
Feb 12, 2022
In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the...
High
Unreviewed
CVE-2021-39662
was published
Feb 12, 2022
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized...
High
Unreviewed
CVE-2021-22817
was published
Feb 11, 2022
Incorrect default permissions in the software installer for the Intel(R) Advisor before version...
High
Unreviewed
CVE-2021-33129
was published
Feb 11, 2022
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an...
High
Unreviewed
CVE-2022-21204
was published
Feb 11, 2022
Incorrect Default Permissions in Apache Tomcat
High
CVE-2020-8022
was published
for
org.apache.tomcat:tomcat
(Maven)
Feb 9, 2022
•
withdrawn
Incorrect Default Permissions in Apache DolphinScheduler
High
CVE-2020-13922
was published
for
org.apache.dolphinscheduler:dolphinscheduler-api
(Maven)
Feb 9, 2022
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server...
High
Unreviewed
CVE-2021-40397
was published
Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1...
High
Unreviewed
CVE-2021-40396
was published
Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge...
High
Unreviewed
CVE-2021-40389
was published
Jan 29, 2022
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially...
High
Unreviewed
CVE-2021-40388
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40414
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40416
was published
Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability...
High
Unreviewed
CVE-2021-40413
was published
Jan 29, 2022
xzs-mysql >= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source...
High
Unreviewed
CVE-2021-46086
was published
Jan 26, 2022
A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows...
High
Unreviewed
CVE-2021-36781
was published
Jan 15, 2022
The cellular module has a vulnerability in permission management. Successful exploitation of this...
High
Unreviewed
CVE-2021-40004
was published
Jan 11, 2022
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast...
High
Unreviewed
CVE-2021-39967
was published
Jan 4, 2022
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be...
High
Unreviewed
CVE-2021-45335
was published
Dec 28, 2021
ProTip!
Advisories are also available from the
GraphQL API