GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
51 advisories
The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path...
Low, Unreviewed. CVE-2024-10228 was published Oct 30, 2024

Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier...
Low, Unreviewed. CVE-2024-46897 was published Oct 18, 2024

IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive...
Low, Unreviewed. CVE-2022-43845 was published Sep 25, 2024

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS...
Low, Unreviewed. CVE-2024-44575 was published Sep 11, 2024

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could...
Low, Unreviewed. CVE-2022-33167 was published Jul 30, 2024

Improper permission control in the mobile application (com.android.server.telecom) may lead to...
Low, Unreviewed. CVE-2024-6780 was published Jul 16, 2024

Improper export of Android application components issue exists in 'ABEMA' App for Android prior...
Low, Unreviewed. CVE-2024-28745 was published Mar 18, 2024

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform...
Low, Unreviewed. CVE-2023-49578 was published Dec 12, 2023

Default permissions for a properties file were too permissive. Local system users could read...
Low, Unreviewed. CVE-2023-26427 was published Jun 20, 2023

SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,...
Low, Unreviewed. CVE-2023-32114 was published Jun 13, 2023

IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission...
Low, Unreviewed. CVE-2022-34314 was published Nov 15, 2022

Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022...
Low, Unreviewed. CVE-2022-39887 was published Nov 10, 2022

In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user...
Low, Unreviewed. CVE-2022-20330 was published Aug 13, 2022

In ActivityManager, there is a possible way to check another process's capabilities due to a...
Low, Unreviewed. CVE-2022-20262 was published Aug 13, 2022

Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows...
Low, Unreviewed. CVE-2022-33689 was published Jul 13, 2022

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE)...
Low, Unreviewed. CVE-2021-34758 was published May 24, 2022

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to...
Low, Unreviewed. CVE-2020-0904 was published May 24, 2022

Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol...
Low, Unreviewed. CVE-2018-17766 was published May 24, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Low, Unreviewed. CVE-2020-4414 was published May 24, 2022

An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only....
Low, Unreviewed. CVE-2019-20883 was published May 24, 2022

An exposure of sensitive information flaw was found in Ansible Tower before version 3.7.1....
Low, Unreviewed. CVE-2020-10782 was published May 24, 2022

An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does...
Low, Unreviewed. CVE-2020-13696 was published May 24, 2022

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service...
Low, Unreviewed. CVE-2020-1123 was published May 24, 2022

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service...
Low, Unreviewed. CVE-2020-1084 was published May 24, 2022

During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates...
Low, Unreviewed. CVE-2019-19335 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.