Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

476 advisories

Loading
Incorrect Default Permissions in JetBrains Kotlin Moderate
CVE-2020-29582 was published for org.jetbrains.kotlin:kotlin-stdlib (Maven) May 24, 2022
Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1... Moderate Unreviewed
CVE-2020-13270 was published May 24, 2022
In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable... Moderate Unreviewed
CVE-2021-0428 was published May 24, 2022
Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers... Moderate Unreviewed
CVE-2021-25344 was published May 24, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to access data and perform... Moderate Unreviewed
CVE-2020-4274 was published May 24, 2022
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking... Moderate Unreviewed
CVE-2020-0137 was published May 24, 2022
In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a... Moderate Unreviewed
CVE-2020-0437 was published May 24, 2022
In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to... Moderate Unreviewed
CVE-2021-0382 was published May 24, 2022
vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference... Moderate Unreviewed
CVE-2020-26679 was published May 24, 2022
In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a... Moderate Unreviewed
CVE-2021-0588 was published May 24, 2022
In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing... Moderate Unreviewed
CVE-2021-0654 was published May 24, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure... Moderate Unreviewed
CVE-2022-25804 was published Jun 10, 2022
In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a... Moderate Unreviewed
CVE-2021-0590 was published May 24, 2022
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers... Moderate Unreviewed
CVE-2022-30747 was published Jun 8, 2022
HwSEServiceAPP has a vulnerability in permission management. Successful exploitation of this... Moderate Unreviewed
CVE-2021-46811 was published Jun 14, 2022
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may... Moderate Unreviewed
CVE-2022-27500 was published Aug 19, 2022
Incorrect default configuration for trusted IP header in Mattermost version 6.7.0 and earlier... Moderate Unreviewed
CVE-2022-2366 was published Jul 13, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.4 before 14.10.5,... Moderate Unreviewed
CVE-2022-2270 was published Jul 2, 2022
In Content, there is a possible way to check if the given account exists on the device due to a... Moderate Unreviewed
CVE-2022-20300 was published Aug 13, 2022
Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows... Moderate Unreviewed
CVE-2022-30758 was published Jul 13, 2022
In Content, there is a possible way to check if an account exists on the device due to a missing... Moderate Unreviewed
CVE-2022-20301 was published Aug 13, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from... Moderate Unreviewed
CVE-2022-22424 was published Jul 21, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed
CVE-2022-20296 was published Aug 13, 2022
In ContentService, there is a possible way to determine if an account is on the device without... Moderate Unreviewed
CVE-2022-20303 was published Aug 13, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed
CVE-2022-20295 was published Aug 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database