GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,726
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,003
Maven 5,192
npm 3,714
NuGet 661
pip 3,387
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,632

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

172 advisories

Filter by severity

Sort by

Least recently updated

Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure... High Unreviewed

CVE-2022-24618 was published Mar 11, 2022

In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to... High Unreviewed

CVE-2021-39704 was published Mar 17, 2022

In createOrUpdate of BasePermission.java, there is a possible permission bypass due to a logic... High Unreviewed

CVE-2021-39695 was published Mar 17, 2022

In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external... High Unreviewed

CVE-2021-39697 was published Mar 17, 2022

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS... Moderate Unreviewed

CVE-2022-22650 was published Mar 19, 2022

In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without... High Unreviewed

CVE-2021-0965 was published Dec 16, 2021

In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an... High Unreviewed

CVE-2021-1004 was published Dec 16, 2021

In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP... High Unreviewed

CVE-2021-0999 was published Dec 16, 2021

In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a... High Unreviewed

CVE-2021-0985 was published Dec 16, 2021

In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine... Moderate Unreviewed

CVE-2021-1025 was published Dec 16, 2021

In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a... Moderate Unreviewed

CVE-2021-0653 was published Dec 16, 2021

In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This... Moderate Unreviewed

CVE-2021-1010 was published Dec 16, 2021

An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux... High Unreviewed

CVE-2021-3847 was published Apr 3, 2022

Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain... High Unreviewed

CVE-2022-24428 was published Apr 9, 2022

In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission... High Unreviewed

CVE-2021-39622 was published Jan 15, 2022

The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the... Moderate Unreviewed

CVE-2021-43708 was published Apr 22, 2022

A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU. The new ... Low Unreviewed

CVE-2021-20263 was published May 24, 2022

In updateNotification of BeamTransferManager.java, there is a missing permission check. This... Moderate Unreviewed

CVE-2021-0542 was published May 24, 2022

eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM. High Unreviewed

CVE-2022-29594 was published Jun 3, 2022

The communication module has a vulnerability of improper permission preservation. Successful... Moderate Unreviewed

CVE-2022-31755 was published Jun 14, 2022

Improper validation of permissions for third party application accessing Telephony service API... Moderate Unreviewed

CVE-2021-35079 was published Jun 15, 2022

MetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because... Moderate Unreviewed

CVE-2022-32969 was published Jun 30, 2022

IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes... High Unreviewed

CVE-2022-22472 was published Jul 1, 2022

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a... Moderate Unreviewed

CVE-2020-6564 was published May 24, 2022

GossipSub 1.1, as used for Ethereum 2.0, allows a peer to maintain a positive score (and thus not... Moderate Unreviewed

CVE-2022-47547 was published Dec 19, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

172 advisories