GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
632 advisories
An Unaligned address or size can propagate to the database due to improper page permissions and...
High | Unreviewed | CVE-2020-3638 was published May 24, 2022

Incorrect default permissions in Windows(R) installer in Intel(R) AMT SDK versions before 14.0.0...
High | Unreviewed | CVE-2020-12354 was published May 24, 2022

Incorrect default permissions in the Intel(R) RealSense(TM) D400 Series Dynamic Calibration Tool...
High | Unreviewed | CVE-2020-12306 was published May 24, 2022

An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161...
High | Unreviewed | CVE-2020-28044 was published May 24, 2022

I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file...
High | Unreviewed | CVE-2020-13431 was published May 24, 2022

A permissions issue existed. This issue was addressed with improved permission validation. This...
High | Unreviewed | CVE-2020-9817 was published May 24, 2022

WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local...
High | Unreviewed | CVE-2020-13866 was published May 24, 2022

Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file...
High | Unreviewed | CVE-2020-3766 was published May 24, 2022

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and...
High | Unreviewed | CVE-2020-3838 was published May 24, 2022

Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer...
High | Unreviewed | CVE-2020-9039 was published May 24, 2022

A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any...
High | Unreviewed | CVE-2019-7656 was published May 24, 2022

ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default...
High | Unreviewed | CVE-2019-8256 was published May 24, 2022

The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO...
High | Unreviewed | CVE-2020-9409 was published May 24, 2022

A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report...
High | Unreviewed | CVE-2021-21957 was published Dec 9, 2021

An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration,...
High | Unreviewed | CVE-2019-14510 was published May 24, 2022

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18...
High | Unreviewed | CVE-2019-3689 was published May 24, 2022

In Core, there is a possible way to start an activity from the background due to a missing...
High | Unreviewed | CVE-2022-20281 was published Aug 13, 2022

Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of...
High | Unreviewed | CVE-2022-0486 was published May 18, 2022

Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network...
High | Unreviewed | CVE-2022-0997 was published May 18, 2022

Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions...
High | Unreviewed | CVE-2022-33922 was published Oct 13, 2022

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows...
High | Unreviewed | CVE-2021-37289 was published Aug 23, 2022

In cta, there is a possible way to write permission usage records of an app due to a missing...
High | Unreviewed | CVE-2022-26429 was published Aug 2, 2022

The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions,...
High | Unreviewed | CVE-2022-3263 was published Sep 25, 2022

An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary...
High | Unreviewed | CVE-2022-37173 was published Aug 31, 2022

An Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE...
High | Unreviewed | CVE-2022-31251 was published Sep 8, 2022

ProTip! Advisories are also available from the GraphQL API.