Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

81 advisories

Loading
In Settings, there is a possible permissions bypass. This could lead to local information... Moderate Unreviewed
CVE-2020-0331 was published May 24, 2022
In core networking, there is a missing permission check. This could lead to local information... Moderate Unreviewed
CVE-2020-0327 was published May 24, 2022
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2020-0269 was published May 24, 2022
In Telephony, there are possible leaks of sensitive data due to missing permission checks. This... Moderate Unreviewed
CVE-2020-0265 was published May 24, 2022
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions... Moderate Unreviewed
CVE-2020-13230 was published May 24, 2022
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR... Moderate Unreviewed
CVE-2020-7063 was published May 24, 2022
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64... Moderate Unreviewed
CVE-2019-20384 was published May 24, 2022
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a... Moderate Unreviewed
CVE-2019-13727 was published May 24, 2022
Missing permission check in Jenkins Support Core Plugin Moderate
CVE-2019-16539 was published for org.jenkins-ci.plugins:support-core (Maven) May 24, 2022
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without... Moderate Unreviewed
CVE-2019-14956 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x... Moderate Unreviewed
CVE-2019-6995 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before... Moderate Unreviewed
CVE-2019-6791 was published May 24, 2022
Jython Improper Access Restrictions vulnerability Moderate
CVE-2013-2027 was published for org.python:jython-standalone (Maven) May 14, 2022
Ansible Arbitrary File Overwrite Vulnerability Moderate
CVE-2013-4260 was published for ansible (pip) May 14, 2022
Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for... Moderate Unreviewed
CVE-2018-3762 was published May 13, 2022
Smarty Does Not Consider Umask Values When Setting Permissions Moderate
CVE-2009-5054 was published for smarty/smarty (Composer) May 2, 2022
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the... Moderate Unreviewed
CVE-2005-1920 was published May 1, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and... Moderate Unreviewed
CVE-2002-2323 was published Apr 30, 2022
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories... Moderate Unreviewed
CVE-2001-1515 was published Apr 30, 2022
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for... Moderate Unreviewed
CVE-2017-5033 was published Apr 30, 2022
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the... Moderate Unreviewed
CVE-2021-43708 was published Apr 22, 2022
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28147 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS... Moderate Unreviewed
CVE-2022-22650 was published Mar 19, 2022
Missing permission checks in Jenkins Release Helper Plugin Moderate
CVE-2022-27215 was published for org.jenkins-ci.plugins:release-helper (Maven) Mar 16, 2022
NotMyFault
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a... Moderate Unreviewed
CVE-2021-0653 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database