Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
36
Go
2,521
Maven
5,000+
npm
4,167
NuGet
741
pip
3,963
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure... High Unreviewed
CVE-2022-24618 was published Mar 11, 2022
Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege... High Unreviewed
CVE-2021-45008 was published Feb 22, 2022
Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard... High Unreviewed
CVE-2022-21203 was published Feb 11, 2022
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed
CVE-2021-39622 was published Jan 15, 2022
Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux High
CVE-2021-43816 was published for github.com/containerd/containerd (Go) Jan 6, 2022
Possible access control violation while setting current permission for VMIDs due to improper... High Unreviewed
CVE-2021-30279 was published Jan 4, 2022
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a... Moderate Unreviewed
CVE-2021-0653 was published Dec 16, 2021
In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java,... Moderate Unreviewed
CVE-2021-0704 was published Dec 16, 2021
In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass... High Unreviewed
CVE-2021-0927 was published Dec 16, 2021
In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access... High Unreviewed
CVE-2021-0953 was published Dec 16, 2021
In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without... High Unreviewed
CVE-2021-0965 was published Dec 16, 2021
In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a... High Unreviewed
CVE-2021-0985 was published Dec 16, 2021
In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP... High Unreviewed
CVE-2021-0999 was published Dec 16, 2021
In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an... High Unreviewed
CVE-2021-1004 was published Dec 16, 2021
In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This... Moderate Unreviewed
CVE-2021-1010 was published Dec 16, 2021
In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1025 was published Dec 16, 2021
There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37044 was published Dec 9, 2021
World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a... High Unreviewed
CVE-2021-44512 was published Dec 8, 2021
There is an Improper permission control vulnerability in Huawei Smartphone.Successful... Moderate Unreviewed
CVE-2021-37056 was published Dec 8, 2021
There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37086 was published Dec 8, 2021
There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37006 was published Nov 24, 2021
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki High
CVE-2021-3978 was published for github.com/cloudflare/cfrpki (Go) Nov 19, 2021
ties
Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for... High Unreviewed
CVE-2021-0064 was published Nov 18, 2021
HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0 Critical
CVE-2021-38553 was published for github.com/hashicorp/vault (Go) Aug 30, 2021
avivdolev
Access control flaw in Kiali High
CVE-2021-3495 was published for github.com/kiali/kiali (Go) Jun 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database