Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,335
Erlang
31
GitHub Actions
22
Go
2,096
Maven
5,000+
npm
3,762
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,398 advisories

Loading
In createOrUpdate of Permission.java and related code, there is possible permission escalation... High Unreviewed
CVE-2021-0317 was published May 24, 2022
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited... High Unreviewed
CVE-2021-27445 was published Dec 22, 2021
In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to... High Unreviewed
CVE-2021-0328 was published May 24, 2022
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt... Low Unreviewed
CVE-2019-18899 was published May 24, 2022
Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary... High Unreviewed
CVE-2020-11469 was published May 24, 2022
In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This... Moderate Unreviewed
CVE-2021-0462 was published May 24, 2022
SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation.... High Unreviewed
CVE-2021-27892 was published May 24, 2022
In FreeBSD 12.2-STABLE before r369334, 11.4-STABLE before r369335, 12.2-RELEASE before p4 and 11... High Unreviewed
CVE-2020-25582 was published May 24, 2022
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11... Moderate Unreviewed
CVE-2020-7305 was published May 24, 2022
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of... High Unreviewed
CVE-2020-10181 was published May 24, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)... High Unreviewed
CVE-2020-3950 was published May 24, 2022
Any logged in user could edit any other logged in user. High
CVE-2021-29452 was published for @curveball/a12n-server (npm) Apr 19, 2021
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and... Moderate Unreviewed
CVE-2020-13173 was published May 24, 2022
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to... High Unreviewed
CVE-2021-3162 was published May 24, 2022
Improper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1... Critical Unreviewed
CVE-2021-20617 was published May 24, 2022
There is a local privilege escalation vulnerability in some Huawei products. A local,... High Unreviewed
CVE-2021-22299 was published May 24, 2022
Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878. High Unreviewed
CVE-2021-3134 was published May 24, 2022
In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to... High Unreviewed
CVE-2021-0388 was published May 24, 2022
In done of CaptivePortalLoginActivity.java, there is a confused deputy. This could lead to local... High Unreviewed
CVE-2021-0383 was published May 24, 2022
In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an... Moderate Unreviewed
CVE-2021-0304 was published May 24, 2022
Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default... High Unreviewed
CVE-2020-19417 was published May 24, 2022
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint... High Unreviewed
CVE-2021-22159 was published May 24, 2022
Insufficient policy enforcement in Cryptohome in Google Chrome prior to 88.0.4324.96 allowed a... High Unreviewed
CVE-2021-21117 was published May 24, 2022
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to... High Unreviewed
CVE-2021-28685 was published May 24, 2022
VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo... High Unreviewed
CVE-2021-30462 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database