Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

212 advisories

Loading
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to... High Unreviewed
CVE-2020-15496 was published May 24, 2022
In updateNotification of BeamTransferManager.java, there is a missing permission check. This... Moderate Unreviewed
CVE-2021-0542 was published May 24, 2022
Huawei LTE USB Dongle products have an improper permission assignment vulnerability. An attacker... Moderate Unreviewed
CVE-2021-22382 was published May 24, 2022
A ZTE product has an information leak vulnerability. Due to improper permission settings, an... Moderate Unreviewed
CVE-2021-21735 was published May 24, 2022
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability... High Unreviewed
CVE-2020-27383 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Computing Improvement Program software... High Unreviewed
CVE-2021-0074 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) VTune(TM) Profiler before... High Unreviewed
CVE-2021-0077 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch Moderate
CVE-2021-22137 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
joshbressers
In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly High Unreviewed
CVE-2021-30482 was published May 24, 2022
Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which... Critical Unreviewed
CVE-2020-18890 was published May 24, 2022
If certificates that signed grub are installed into db, grub can be booted directly. It will then... Moderate Unreviewed
CVE-2021-3418 was published May 24, 2022
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ... Low Unreviewed
CVE-2021-20263 was published May 24, 2022
When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC... Moderate Unreviewed
CVE-2021-23963 was published May 24, 2022
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged,... High Unreviewed
CVE-2020-5796 was published May 24, 2022
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an... High Unreviewed
CVE-2020-24525 was published May 24, 2022
Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow... Moderate Unreviewed
CVE-2020-12353 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all... High Unreviewed
CVE-2020-12330 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Processor Identification Utility before... High Unreviewed
CVE-2020-12335 was published May 24, 2022
Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may... High Unreviewed
CVE-2020-12332 was published May 24, 2022
Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2... High Unreviewed
CVE-2020-12334 was published May 24, 2022
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file... Moderate Unreviewed
CVE-2020-16910 was published May 24, 2022
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a... Moderate Unreviewed
CVE-2020-6564 was published May 24, 2022
In Settings, there is a possible permissions bypass. This could lead to local information... Moderate Unreviewed
CVE-2020-0331 was published May 24, 2022
In core networking, there is a missing permission check. This could lead to local information... Moderate Unreviewed
CVE-2020-0327 was published May 24, 2022
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2020-0269 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database