Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,298
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

631 advisories

Loading
In createInputConsumer of WindowManagerService.java, there is a possible way to block and... High Unreviewed
CVE-2020-0475 was published May 24, 2022
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install... High Unreviewed
CVE-2022-29376 was published May 24, 2022
In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due... High Unreviewed
CVE-2020-0439 was published May 24, 2022
In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing... High Unreviewed
CVE-2020-0299 was published May 24, 2022
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to... High Unreviewed
CVE-2020-0227 was published May 24, 2022
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers... High Unreviewed
CVE-2022-28999 was published May 24, 2022
Permission control vulnerability in the network module. Successful exploitation of this... High Unreviewed
CVE-2022-37006 was published Aug 11, 2022
Vulnerability in the HQSwSmiDxe DXE driver on some consumer Acer Notebook devices may allow an... High Unreviewed
CVE-2022-4020 was published Nov 28, 2022
A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager... High Unreviewed
CVE-2022-20732 was published Apr 22, 2022
Access to Unix domain socket can lead to privileges escalation in Cilium High
CVE-2022-29178 was published for github.com/cilium/cilium (Go) May 24, 2022
daniel-f3 danmx
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the... High Unreviewed
CVE-2022-29547 was published Apr 22, 2022
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the... High Unreviewed
CVE-2021-39794 was published Apr 13, 2022
Podman's default inheritable capabilities for linux container not empty High
CVE-2022-27649 was published for github.com/containers/podman/v4 (Go) Apr 1, 2022
AndrewGMorgan
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible... High Unreviewed
CVE-2021-1000 was published Mar 31, 2022
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission... High Unreviewed
CVE-2021-1033 was published Mar 31, 2022
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN... High Unreviewed
CVE-2021-39651 was published Dec 16, 2021
In Traceur, there is a possible bypass of developer settings requirements for capturing system... High Unreviewed
CVE-2021-39780 was published Mar 31, 2022
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check... High Unreviewed
CVE-2021-39639 was published Dec 16, 2021
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed
CVE-2022-30594 was published May 13, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vulnerable to an incorrect... High Unreviewed
CVE-2022-26839 was published Mar 30, 2022
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a... High Unreviewed
CVE-2021-40904 was published Mar 27, 2022
Incorrect permissions in the Bluetooth Services in the Fortessa FTBTLD Smart Lock as of 12-13... High Unreviewed
CVE-2021-44905 was published Mar 26, 2022
A privilege escalation vulnerability exists in the Windows version of installation for Advantech... High Unreviewed
CVE-2021-21910 was published Dec 23, 2021
In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message... High Unreviewed
CVE-2021-39734 was published Mar 17, 2022
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials... High Unreviewed
CVE-2021-39706 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database