GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
609 advisories
An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6...
High · Unreviewed · CVE-2022-32777 was published Aug 23, 2022

Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access.
High · Unreviewed · CVE-2020-16261 was published May 24, 2022

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate...
High · Unreviewed · CVE-2020-3595 was published May 24, 2022

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory....
High · Unreviewed · CVE-2020-10140 was published May 24, 2022

Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root...
High · Unreviewed · CVE-2020-16262 was published May 24, 2022

In the audio server, there is a missing permission check. This could lead to local escalation of...
High · Unreviewed · CVE-2020-0089 was published May 24, 2022

Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version...
High · Unreviewed · CVE-2019-11121 was published May 24, 2022

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and...
High · Unreviewed · CVE-2020-4611 was published May 24, 2022

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1...
High · Unreviewed · CVE-2020-4002 was published May 24, 2022

An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a...
High · Unreviewed · CVE-2020-28914 was published May 24, 2022

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside...
High · Unreviewed · CVE-2020-5808 was published May 24, 2022

An incorrect permission assignment (chmod 777) of /etc/environment during the installation script...
High · Unreviewed · CVE-2020-25507 was published May 24, 2022

AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read...
High · Unreviewed · CVE-2019-14479 was published May 24, 2022

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the...
High · Unreviewed · CVE-2020-35625 was published May 24, 2022

An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It...
High · Unreviewed · CVE-2020-35948 was published May 24, 2022

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the...
High · Unreviewed · CVE-2020-10552 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for...
High · Unreviewed · CVE-2020-26194 was published May 24, 2022

A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01...
High · Unreviewed · CVE-2020-28055 was published May 24, 2022

IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical...
High · Unreviewed · CVE-2019-4702 was published May 24, 2022

There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user...
High · Unreviewed · CVE-2019-25016 was published May 24, 2022

Incorrect permissions are set by default for an API entry-point of a specific service, allowing a...
High · Unreviewed · CVE-2020-25191 was published May 24, 2022

In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app...
High · Unreviewed · CVE-2021-0334 was published May 24, 2022

Windows 10 Update Assistant Elevation of Privilege Vulnerability
High · Unreviewed · CVE-2021-27070 was published May 24, 2022

Portainer 1.24.1 and earlier is affected by an insecure permissions vulnerability that may lead...
High · Unreviewed · CVE-2020-24263 was published May 24, 2022

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges...
High · Unreviewed · CVE-2020-28169 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.