Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,041 advisories

Loading
MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests,... Moderate Unreviewed
CVE-2011-4361 was published May 13, 2022
Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering... High Unreviewed
CVE-2015-7378 was published May 13, 2022
Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business... High Unreviewed
CVE-2016-3943 was published May 13, 2022
Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation... High Unreviewed
CVE-2016-6914 was published May 13, 2022
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change... Moderate Unreviewed
CVE-2013-4394 was published May 13, 2022
Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder,... High Unreviewed
CVE-2015-7985 was published May 13, 2022
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10... Moderate Unreviewed
CVE-2019-3870 was published May 13, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed
CVE-2022-30594 was published May 13, 2022
In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due... High Unreviewed
CVE-2022-20004 was published May 11, 2022
Joomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive... High Unreviewed
CVE-2022-23802 was published May 7, 2022
Samsung Galaxy S3/S4 exposes an unprotected component allowing arbitrary SMS text messages... Moderate Unreviewed
CVE-2013-4763 was published May 5, 2022
SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3)... Low Unreviewed
CVE-2005-1941 was published May 1, 2022
Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with... High Unreviewed
CVE-2002-1844 was published Apr 30, 2022
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home... Low Unreviewed
CVE-2002-1713 was published Apr 30, 2022
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure... Moderate Unreviewed
CVE-2001-0497 was published Apr 30, 2022
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. High Unreviewed
CVE-1999-0426 was published Apr 30, 2022
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype... Moderate Unreviewed
CVE-2004-1778 was published Apr 29, 2022
In Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0, a site using Isolated Institutions is... High Unreviewed
CVE-2022-29585 was published Apr 29, 2022
An issue was discovered in CipherMail Webmail Messenger 1.1.1 through 4.1.4. A local attacker... Moderate Unreviewed
CVE-2022-28218 was published Apr 27, 2022
A denial of service vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175... Moderate Unreviewed
CVE-2021-3722 was published Apr 23, 2022
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the... High Unreviewed
CVE-2022-29547 was published Apr 22, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager... High Unreviewed
CVE-2022-20732 was published Apr 22, 2022
A improper permission configuration vulnerability in Xiaomi Content Center APP. This... Moderate Unreviewed
CVE-2020-14117 was published Apr 22, 2022
The setup program for the affected product configures its files and folders with full access,... High Unreviewed
CVE-2021-43986 was published Apr 21, 2022
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does... Moderate Unreviewed
CVE-2022-26595 was published Apr 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database