Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,747
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

537 advisories

Loading
Incorrect default permissions in the software installer for the Intel(R) Advisor before version... High Unreviewed
CVE-2021-33129 was published Feb 11, 2022
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an... High Unreviewed
CVE-2022-21204 was published Feb 11, 2022
Incorrect Default Permissions in Apache Tomcat High
CVE-2020-8022 was published for org.apache.tomcat:tomcat (Maven) Feb 9, 2022 withdrawn
westonsteimel
Incorrect Default Permissions in Apache DolphinScheduler High
CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler-api (Maven) Feb 9, 2022
A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server... High Unreviewed
CVE-2021-40397 was published Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge... High Unreviewed
CVE-2021-40389 was published Jan 29, 2022
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially... High Unreviewed
CVE-2021-40388 was published Jan 29, 2022
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iService 1... High Unreviewed
CVE-2021-40396 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40413 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40414 was published Jan 29, 2022
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability... High Unreviewed
CVE-2021-40416 was published Jan 29, 2022
xzs-mysql >= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source... High Unreviewed
CVE-2021-46086 was published Jan 26, 2022
A Incorrect Default Permissions vulnerability in the parsec package of openSUSE Factory allows... High Unreviewed
CVE-2021-36781 was published Jan 15, 2022
The cellular module has a vulnerability in permission management. Successful exploitation of this... High Unreviewed
CVE-2021-40004 was published Jan 11, 2022
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast... High Unreviewed
CVE-2021-39967 was published Jan 4, 2022
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be... High Unreviewed
CVE-2021-45335 was published Dec 28, 2021
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21910 was published Dec 23, 2021
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21912 was published Dec 23, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... High Unreviewed
CVE-2021-44858 was published Dec 21, 2021
Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. High Unreviewed
CVE-2021-43326 was published Dec 16, 2021
Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this... High Unreviewed
CVE-2021-43325 was published Dec 16, 2021
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This... High Unreviewed
CVE-2021-0904 was published Dec 16, 2021
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check... High Unreviewed
CVE-2021-39639 was published Dec 16, 2021
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN... High Unreviewed
CVE-2021-39651 was published Dec 16, 2021
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report... High Unreviewed
CVE-2021-21957 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database