Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

65 advisories

Loading
In SELinux policies of mls, there is a missing permission check. This could lead to local... Low Unreviewed
CVE-2020-27056 was published May 24, 2022
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP... Low Unreviewed
CVE-2021-25359 was published May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1... Low Unreviewed
CVE-2021-25358 was published May 24, 2022
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise... Low Unreviewed
CVE-2021-25317 was published May 24, 2022
Trusty TLK contains a vulnerability in its access permission settings where it does not properly... Low Unreviewed
CVE-2021-34395 was published May 24, 2022
Octopoller gem published with world-writable files Low
CVE-2022-31071 was published for octopoller (RubyGems) Jun 15, 2022
Octokit gem published with world-writable files Low
CVE-2022-31072 was published for octokit (RubyGems) Jun 15, 2022
Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1... Low Unreviewed
CVE-2022-30753 was published Jul 13, 2022
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected... Low Unreviewed
CVE-2022-20358 was published Aug 11, 2022
In various methods of NotificationManagerService.java, there is a possible way to view... Low Unreviewed
CVE-2022-20359 was published Aug 11, 2022
In bluetooth, there is a possible way to enable or disable bluetooth connection without user... Low Unreviewed
CVE-2022-20267 was published Aug 13, 2022
In LocationManager, there is a possible way to get location information due to a missing... Low Unreviewed
CVE-2022-20261 was published Aug 13, 2022
In ActivityManager, there is a possible disclosure of installed packages due to a missing... Low Unreviewed
CVE-2022-20315 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20311 was published Aug 13, 2022
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a... Low Unreviewed
CVE-2022-20327 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20310 was published Aug 13, 2022
In ContentService, there is a possible disclosure of available account types due to a missing... Low Unreviewed
CVE-2022-20305 was published Aug 13, 2022
In PackageManager, there is a possible way to determine whether an app is installed due to a... Low Unreviewed
CVE-2022-20328 was published Aug 13, 2022
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
Local privilege escalation due to insecure folder permissions. The following products are... Low Unreviewed
CVE-2023-44157 was published Sep 27, 2023
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. Low Unreviewed
CVE-2024-30204 was published Mar 25, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed
CVE-2024-21004 was published Apr 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE ... Low Unreviewed
CVE-2024-21002 was published Apr 17, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21012 was published Apr 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database