GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,693
Composer 4,732
Erlang 35
GitHub Actions 29
Go 2,310
Maven 5,598
npm 3,949
NuGet 711
pip 3,728
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,399

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

106 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus... Critical Unreviewed

CVE-2021-37167 was published May 24, 2022

An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration... Critical Unreviewed

CVE-2021-34182 was published Feb 17, 2023

ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms... Critical Unreviewed

CVE-2021-39658 was published Feb 12, 2022

ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify... Critical Unreviewed

CVE-2021-39635 was published Feb 12, 2022

It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu... Critical Unreviewed

CVE-2021-20001 was published Feb 12, 2022

eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php. Critical Unreviewed

CVE-2021-46093 was published Feb 2, 2022

Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote... Critical Unreviewed

CVE-2021-45003 was published Jan 11, 2022

During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with... Critical Unreviewed

CVE-2017-5642 was published May 13, 2022

An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product:... Critical Unreviewed

CVE-2017-0847 was published May 13, 2022

The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file. Critical Unreviewed

CVE-2021-44833 was published Dec 13, 2021

Incorrect Default Permissions in Apache JSPWiki Critical

CVE-2021-44140 was published for org.apache.jspwiki:jspwiki-main (Maven) Nov 29, 2021

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions... Critical Unreviewed

CVE-2022-40109 was published Sep 7, 2022

Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier,... Critical Unreviewed

CVE-2022-34824 was published Nov 9, 2022

There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful... Critical Unreviewed

CVE-2021-36990 was published May 24, 2022

There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed

CVE-2021-36989 was published May 24, 2022

Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php. Critical Unreviewed

CVE-2021-36363 was published May 24, 2022

Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh. Critical Unreviewed

CVE-2021-36365 was published May 24, 2022

In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during... Critical Unreviewed

CVE-2021-39274 was published May 24, 2022

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow... Critical Unreviewed

CVE-2021-31217 was published May 24, 2022

There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful... Critical Unreviewed

CVE-2021-22376 was published May 24, 2022

In the Zstandard command-line utility prior to v1.4.1, output files were created with default... Critical Unreviewed

CVE-2021-24031 was published May 24, 2022

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the... Critical Unreviewed

CVE-2021-24032 was published May 24, 2022

Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability.... Critical Unreviewed

CVE-2020-29492 was published May 24, 2022

Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9... Critical Unreviewed

CVE-2021-27193 was published May 24, 2022

In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg)... Critical Unreviewed

CVE-2020-13452 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

106 advisories