GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
78 advisories
Filter by severity
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to...
Moderate
Unreviewed
CVE-2022-4326
was published
Dec 21, 2022
Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of...
Moderate
Unreviewed
CVE-2022-2787
was published
Aug 28, 2022
Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with...
Moderate
Unreviewed
CVE-2021-39897
was published
May 24, 2022
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for...
Moderate
Unreviewed
CVE-2017-5033
was published
Apr 30, 2022
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a...
Moderate
Unreviewed
CVE-2019-13727
was published
May 24, 2022
There is an Improper permission control vulnerability in Huawei Smartphone.Successful...
Moderate
Unreviewed
CVE-2021-37056
was published
Dec 8, 2021
In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java,...
Moderate
Unreviewed
CVE-2021-0704
was published
Dec 16, 2021
Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for...
Moderate
Unreviewed
CVE-2018-3762
was published
May 13, 2022
Missing permission checks in Jenkins Release Helper Plugin
Moderate
CVE-2022-27215
was published
for
org.jenkins-ci.plugins:release-helper
(Maven)
Mar 16, 2022
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin
Moderate
CVE-2022-28147
was published
for
org.jenkins-ci.plugins:ci-with-toad-edge
(Maven)
Mar 30, 2022
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access...
Moderate
Unreviewed
CVE-2022-41708
was published
Oct 20, 2022
The SystemUI has a vulnerability in permission management. Successful exploitation of this...
Moderate
Unreviewed
CVE-2022-48296
was published
Feb 9, 2023
vantage6 vulnerable to Improper Preservation of Permissions
Moderate
CVE-2023-22738
was published
for
vantage6
(pip)
Feb 28, 2023
runc AppArmor bypass with symlinked /proc
Moderate
CVE-2023-28642
was published
for
github.com/opencontainers/runc
(Go)
Mar 30, 2023
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Moderate
CVE-2021-22137
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 24, 2022
Jython Improper Access Restrictions vulnerability
Moderate
CVE-2013-2027
was published
for
org.python:jython-standalone
(Maven)
May 14, 2022
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki
Moderate
CVE-2021-3978
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 19, 2021
Apache Superset has improper default REST API permission for Gamma users
Moderate
CVE-2023-36387
was published
for
apache-superset
(pip)
Sep 6, 2023
OpenSearch Issue with tenant read-only permissions
Moderate
CVE-2023-45807
was published
for
org.opensearch.plugin:opensearch-security
(Maven)
Oct 17, 2023
Netskope was made aware of a security vulnerability in its NSClient product for version 100 &...
Moderate
Unreviewed
CVE-2023-4996
was published
Nov 6, 2023
Missing permission check in Jenkins Support Core Plugin
Moderate
CVE-2019-16539
was published
for
org.jenkins-ci.plugins:support-core
(Maven)
May 24, 2022
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file...
Moderate
Unreviewed
CVE-2020-16910
was published
May 24, 2022
Improper Preservation of Permissions in etcd
Moderate
CVE-2020-15113
was published
for
github.com/etcd-io/etcd
(Go)
Jan 30, 2024
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the...
Moderate
Unreviewed
CVE-2005-1920
was published
May 1, 2022
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories...
Moderate
Unreviewed
CVE-2001-1515
was published
Apr 30, 2022
ProTip!
Advisories are also available from the
GraphQL API