Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

215 advisories

Loading
It's possible to execute anything with the rights of the author of a macro which uses the {{wikimacrocontent}} macro Low
CVE-2021-21379 was published for org.xwiki.platform:xwiki-platform-rendering-wikimacro-store (Maven) Mar 23, 2021
Insecure Permissions in Gogs Moderate
CVE-2020-14958 was published for gogs.io/gogs (Go) May 18, 2021
Access control flaw in Kiali High
CVE-2021-3495 was published for github.com/kiali/kiali (Go) Jun 8, 2021
HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0 Critical
CVE-2021-38553 was published for github.com/hashicorp/vault (Go) Aug 30, 2021
avivdolev
Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi software installer for... High Unreviewed
CVE-2021-0064 was published Nov 18, 2021
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki Moderate
CVE-2021-3978 was published for github.com/cloudflare/cfrpki (Go) Nov 19, 2021
ties
There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37006 was published Nov 24, 2021
There is a Improper Preservation of Permissions vulnerability in Huawei Smartphone.Successful... High Unreviewed
CVE-2021-37086 was published Dec 8, 2021
There is an Improper permission control vulnerability in Huawei Smartphone.Successful... Moderate Unreviewed
CVE-2021-37056 was published Dec 8, 2021
World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a... High Unreviewed
CVE-2021-44512 was published Dec 8, 2021
There is a Permission control vulnerability in Huawei Smartphone.Successful exploitation of this... High Unreviewed
CVE-2021-37044 was published Dec 9, 2021
In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine... Moderate Unreviewed
CVE-2021-1025 was published Dec 16, 2021
In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This... Moderate Unreviewed
CVE-2021-1010 was published Dec 16, 2021
In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an... High Unreviewed
CVE-2021-1004 was published Dec 16, 2021
In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP... High Unreviewed
CVE-2021-0999 was published Dec 16, 2021
In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a... High Unreviewed
CVE-2021-0985 was published Dec 16, 2021
In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without... High Unreviewed
CVE-2021-0965 was published Dec 16, 2021
In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access... High Unreviewed
CVE-2021-0953 was published Dec 16, 2021
In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass... High Unreviewed
CVE-2021-0927 was published Dec 16, 2021
In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java,... Moderate Unreviewed
CVE-2021-0704 was published Dec 16, 2021
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a... Moderate Unreviewed
CVE-2021-0653 was published Dec 16, 2021
Possible access control violation while setting current permission for VMIDs due to improper... High Unreviewed
CVE-2021-30279 was published Jan 4, 2022
Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux High
CVE-2021-43816 was published for github.com/containerd/containerd (Go) Jan 6, 2022
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed
CVE-2021-39622 was published Jan 15, 2022
Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard... High Unreviewed
CVE-2022-21203 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database