Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

907 advisories

Loading
Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote... Critical Unreviewed
CVE-2021-45003 was published Jan 11, 2022
PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability ... Moderate Unreviewed
CVE-2021-37132 was published Jan 4, 2022
There is a Vulnerability of obtaining broadcast information improperly due to improper broadcast... High Unreviewed
CVE-2021-39967 was published Jan 4, 2022
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be... High Unreviewed
CVE-2021-45335 was published Dec 28, 2021
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21910 was published Dec 23, 2021
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21912 was published Dec 23, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... High Unreviewed
CVE-2021-44858 was published Dec 21, 2021
Automox Agent before 32 on Windows incorrectly sets permissions on a temporary directory. High Unreviewed
CVE-2021-43326 was published Dec 16, 2021
Automox Agent 33 on Windows incorrectly sets permissions on a temporary directory. NOTE: this... High Unreviewed
CVE-2021-43325 was published Dec 16, 2021
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This... High Unreviewed
CVE-2021-0904 was published Dec 16, 2021
In isRequestPinItemSupported of ShortcutService.java, there is a possible cross-user leak of... Moderate Unreviewed
CVE-2021-0979 was published Dec 16, 2021
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check... High Unreviewed
CVE-2021-39639 was published Dec 16, 2021
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN... High Unreviewed
CVE-2021-39651 was published Dec 16, 2021
The CLI 1.0.0 for Amazon AWS OpenSearch has weak permissions for the configuration file. Critical Unreviewed
CVE-2021-44833 was published Dec 13, 2021
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report... High Unreviewed
CVE-2021-21957 was published Dec 9, 2021
Barracuda Network Access Client before 5.2.2 creates a Temporary File in a Directory with... High Unreviewed
CVE-2021-42711 was published Dec 3, 2021
Incorrect Default Permissions in Apache JSPWiki Critical
CVE-2021-44140 was published for org.apache.jspwiki:jspwiki-main (Maven) Nov 29, 2021
Incorrect default permissions in the installer for the Intel(R) NUC M15 Laptop Kit Integrated... High Unreviewed
CVE-2021-33088 was published Nov 18, 2021
Incorrect default permissions in the installer for the Intel(R) oneAPI Rendering Toolkit before... High Unreviewed
CVE-2021-33071 was published Nov 18, 2021
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system Moderate
CVE-2021-3917 was published for coreos-installer (Rust) Nov 8, 2021
xlejo
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. High
CVE-2021-38557 was published for billz/raspap-webgui (Composer) Sep 2, 2021
Incorrect Default Permissions in Binance tss-lib High
CVE-2020-12118 was published for github.com/binance-chain/tss-lib (Go) Jun 29, 2021
Privilege escalation in rbac High
CVE-2021-22538 was published for github.com/google/exposure-notifications-verification-server (Go) May 21, 2021
Django Incorrect Default Permissions High
CVE-2020-24583 was published for Django (pip) Mar 18, 2021
Django Incorrect Default Permissions High
CVE-2020-24584 was published for django (pip) Mar 18, 2021
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database