GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,713
NuGet
661
pip
3,386
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
62 advisories
Filter by severity
The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file.
Critical
Unreviewed
CVE-2021-44833
was published
Dec 13, 2021
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote...
Critical
Unreviewed
CVE-2021-45003
was published
Jan 11, 2022
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.
Critical
Unreviewed
CVE-2021-46093
was published
Feb 2, 2022
It was discovered, that debian-edu-config, a set of configuration files used for the Debian Edu...
Critical
Unreviewed
CVE-2021-20001
was published
Feb 12, 2022
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify...
Critical
Unreviewed
CVE-2021-39635
was published
Feb 12, 2022
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms...
Critical
Unreviewed
CVE-2021-39658
was published
Feb 12, 2022
Multiple Mitsubishi Electric Factory Automation engineering software products have a malicious...
Critical
Unreviewed
CVE-2020-14521
was published
Feb 12, 2022
There is a permission control vulnerability in the Nearby module. Successful exploitation of this...
Critical
Unreviewed
CVE-2021-40053
was published
Mar 11, 2022
An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product:...
Critical
Unreviewed
CVE-2017-0847
was published
May 13, 2022
During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with...
Critical
Unreviewed
CVE-2017-5642
was published
May 13, 2022
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
Critical
Unreviewed
CVE-2022-28932
was published
May 24, 2022
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.
Critical
Unreviewed
CVE-2019-17124
was published
May 24, 2022
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability....
Critical
Unreviewed
CVE-2020-29492
was published
May 24, 2022
In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg)...
Critical
Unreviewed
CVE-2020-13452
was published
May 24, 2022
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices....
Critical
Unreviewed
CVE-2019-20468
was published
May 24, 2022
Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the...
Critical
Unreviewed
CVE-2021-24032
was published
May 24, 2022
In the Zstandard command-line utility prior to v1.4.1, output files were created with default...
Critical
Unreviewed
CVE-2021-24031
was published
May 24, 2022
Incorrect default permissions vulnerability in the API of Netop Vision Pro up to and including 9...
Critical
Unreviewed
CVE-2021-27193
was published
May 24, 2022
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows...
Critical
Unreviewed
CVE-2020-28910
was published
May 24, 2022
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful...
Critical
Unreviewed
CVE-2021-22376
was published
May 24, 2022
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow...
Critical
Unreviewed
CVE-2021-31217
was published
May 24, 2022
An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus...
Critical
Unreviewed
CVE-2021-37167
was published
May 24, 2022
In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during...
Critical
Unreviewed
CVE-2021-39274
was published
May 24, 2022
Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.
Critical
Unreviewed
CVE-2021-36363
was published
May 24, 2022
Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Critical
Unreviewed
CVE-2021-36365
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API