GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
62 advisories
There is an Improper permission control vulnerability in Huawei Smartphone. Successful...
Moderate, Unreviewed. CVE-2021-37056 was published Dec 8, 2021

In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine...
Moderate, Unreviewed. CVE-2021-1025 was published Dec 16, 2021

In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This...
Moderate, Unreviewed. CVE-2021-1010 was published Dec 16, 2021

In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java,...
Moderate, Unreviewed. CVE-2021-0704 was published Dec 16, 2021

In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a...
Moderate, Unreviewed. CVE-2021-0653 was published Dec 16, 2021

This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.5, macOS...
Moderate, Unreviewed. CVE-2022-22650 was published Mar 19, 2022

The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the...
Moderate, Unreviewed. CVE-2021-43708 was published Apr 22, 2022

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for...
Moderate, Unreviewed. CVE-2017-5033 was published Apr 30, 2022

Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories...
Moderate, Unreviewed. CVE-2001-1515 was published Apr 30, 2022

Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and...
Moderate, Unreviewed. CVE-2002-2323 was published Apr 30, 2022

The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the...
Moderate, Unreviewed. CVE-2005-1920 was published May 1, 2022

Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for...
Moderate, Unreviewed. CVE-2018-3762 was published May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x...
Moderate, Unreviewed. CVE-2019-6995 was published May 24, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before...
Moderate, Unreviewed. CVE-2019-6791 was published May 24, 2022

JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without...
Moderate, Unreviewed. CVE-2019-14956 was published May 24, 2022

Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a...
Moderate, Unreviewed. CVE-2019-13727 was published May 24, 2022

Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64...
Moderate, Unreviewed. CVE-2019-20384 was published May 24, 2022

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR...
Moderate, Unreviewed. CVE-2020-7063 was published May 24, 2022

In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions...
Moderate, Unreviewed. CVE-2020-13230 was published May 24, 2022

In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent....
Moderate, Unreviewed. CVE-2020-0269 was published May 24, 2022

In Telephony, there are possible leaks of sensitive data due to missing permission checks. This...
Moderate, Unreviewed. CVE-2020-0265 was published May 24, 2022

In Settings, there is a possible permissions bypass. This could lead to local information...
Moderate, Unreviewed. CVE-2020-0331 was published May 24, 2022

In core networking, there is a missing permission check. This could lead to local information...
Moderate, Unreviewed. CVE-2020-0327 was published May 24, 2022

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a...
Moderate, Unreviewed. CVE-2020-6564 was published May 24, 2022

A security feature bypass vulnerability exists when Microsoft Windows fails to handle file...
Moderate, Unreviewed. CVE-2020-16910 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.