Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,710
NuGet
661
pip
3,361
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

217 advisories

Loading
eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed
CVE-2022-29594 was published Jun 3, 2022
Improper access control in GitLab CE/EE version 10.5 and above allowed subgroup members with... Moderate Unreviewed
CVE-2021-39897 was published May 24, 2022
A permissions issue existed. This issue was addressed with improved permission validation. This... High Unreviewed
CVE-2021-30827 was published May 24, 2022
If a user had granted a permission to a webpage and saved that grant, any webpage running on the... Critical Unreviewed
CVE-2021-29971 was published May 24, 2022
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service... High Unreviewed
CVE-2021-32465 was published May 24, 2022
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to... High Unreviewed
CVE-2020-15496 was published May 24, 2022
In updateNotification of BeamTransferManager.java, there is a missing permission check. This... Moderate Unreviewed
CVE-2021-0542 was published May 24, 2022
Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker... Moderate Unreviewed
CVE-2021-22382 was published May 24, 2022
A ZTE product has an information leak vulnerability. Due to improper permission settings, an... Moderate Unreviewed
CVE-2021-21735 was published May 24, 2022
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability... High Unreviewed
CVE-2020-27383 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before... High Unreviewed
CVE-2021-0077 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Computing Improvement Program software... High Unreviewed
CVE-2021-0074 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch Moderate
CVE-2021-22137 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
joshbressers
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly High Unreviewed
CVE-2021-30482 was published May 24, 2022
Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which... Critical Unreviewed
CVE-2020-18890 was published May 24, 2022
If certificates that signed grub are installed into db, grub can be booted directly. It will then... Moderate Unreviewed
CVE-2021-3418 was published May 24, 2022
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ... Low Unreviewed
CVE-2021-20263 was published May 24, 2022
When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC... Moderate Unreviewed
CVE-2021-23963 was published May 24, 2022
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,... High Unreviewed
CVE-2020-5796 was published May 24, 2022
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an... High Unreviewed
CVE-2020-24525 was published May 24, 2022
Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow... Moderate Unreviewed
CVE-2020-12353 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all... High Unreviewed
CVE-2020-12330 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Processor Identification Utility before... High Unreviewed
CVE-2020-12335 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2... High Unreviewed
CVE-2020-12334 was published May 24, 2022
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may... High Unreviewed
CVE-2020-12332 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database