Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

60 advisories

Loading
In PackageManager, there is a possible way to determine whether an app is installed due to a... Low Unreviewed
CVE-2022-20328 was published Aug 13, 2022
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected... Low Unreviewed
CVE-2022-20358 was published Aug 11, 2022
The BIOS in Intel Compute Stick systems based on 6th Gen Intel Core processors prior to version... Low Unreviewed
CVE-2017-5684 was published May 13, 2022
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version KY0045 may... Low Unreviewed
CVE-2017-5685 was published May 13, 2022
The BIOS in Intel NUC systems based on 6th Gen Intel Core processors prior to version SY0059 may... Low Unreviewed
CVE-2017-5686 was published May 13, 2022
In LocationManager, there is a possible way to get location information due to a missing... Low Unreviewed
CVE-2022-20261 was published Aug 13, 2022
In bluetooth, there is a possible way to enable or disable bluetooth connection without user... Low Unreviewed
CVE-2022-20267 was published Aug 13, 2022
In various methods of NotificationManagerService.java, there is a possible way to view... Low Unreviewed
CVE-2022-20359 was published Aug 11, 2022
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other... Low Unreviewed
CVE-2012-4453 was published May 13, 2022
Octopoller gem published with world-writable files Low
CVE-2022-31071 was published for octopoller (RubyGems) Jun 15, 2022
Local privilege escalation due to insecure folder permissions. The following products are... Low Unreviewed
CVE-2023-44157 was published Sep 27, 2023
A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with... Low Unreviewed
CVE-2021-3981 was published Mar 11, 2022
SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3)... Low Unreviewed
CVE-2005-1941 was published May 1, 2022
The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home... Low Unreviewed
CVE-2002-1713 was published Apr 30, 2022
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux... Low Unreviewed
CVE-2019-17053 was published May 24, 2022
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through... Low Unreviewed
CVE-2019-17056 was published May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1... Low Unreviewed
CVE-2021-25358 was published May 24, 2022
Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1... Low Unreviewed
CVE-2023-21512 was published Jun 28, 2023
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel... Low Unreviewed
CVE-2019-17054 was published May 24, 2022
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Low Unreviewed
CVE-2019-14861 was published May 24, 2022
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console Low
CVE-2024-5967 was published for org.keycloak:keycloak-ldap-federation (Maven) Jun 21, 2024
MarkLee131
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version... Low Unreviewed
CVE-2024-32368 was published Apr 22, 2024
Duplicate Advisory: Keycloak: Leak of configured LDAP bind credentials Low
GHSA-gmrm-8fx4-66x7 was published for org.keycloak:keycloak-core (Maven) Jun 18, 2024 withdrawn
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk®... Low Unreviewed
CVE-2024-6326 was published Jul 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database