Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

475 advisories

Loading
In ContentService, there is a possible way to check if the given account exists on the device due... Moderate Unreviewed
CVE-2022-20299 was published Aug 13, 2022
In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to... Moderate Unreviewed
CVE-2022-20312 was published Aug 13, 2022
In ContentService, there is a possible way to check if an account exists on the device due to a... Moderate Unreviewed
CVE-2022-20298 was published Aug 13, 2022
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6439 was published May 24, 2022
parse-server's session object properties can be updated by foreign user if object ID is known Moderate
CVE-2022-39225 was published for parse-server (npm) Sep 21, 2022
In Content, there is a possible way to learn about an account present on the device due to a... Moderate Unreviewed
CVE-2022-20294 was published Aug 13, 2022
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6431 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6488 was published May 24, 2022
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6484 was published May 24, 2022
Incorrect default permissions in the Intel(R) Support Android application before version v22.02... Moderate Unreviewed
CVE-2022-36367 was published Nov 11, 2022
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak... Moderate Unreviewed
CVE-2010-4176 was published May 17, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an... Moderate Unreviewed
CVE-2021-3948 was published Feb 19, 2022
An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions,... Moderate Unreviewed
CVE-2018-7822 was published May 24, 2022
OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication... Moderate Unreviewed
CVE-2022-45118 was published Dec 8, 2022
In PermissionController, there is a possible misunderstanding about the default SMS application's... Moderate Unreviewed
CVE-2022-20272 was published Aug 13, 2022
In ConnectivityService, there is a possible bypass of network permissions due to a missing... Moderate Unreviewed
CVE-2022-20341 was published Aug 13, 2022
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes... Moderate Unreviewed
CVE-2019-11738 was published May 24, 2022
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6446 was published May 24, 2022
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92... Moderate Unreviewed
CVE-2020-6456 was published May 24, 2022
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory,... Moderate Unreviewed
CVE-2019-18895 was published May 24, 2022
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6445 was published May 24, 2022
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed
CVE-2020-6441 was published May 24, 2022
Comment properties in Atlassian Jira Server and Data Center before version 7.13.12, from 8.0.0... Moderate Unreviewed
CVE-2019-20106 was published May 24, 2022
In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user... Moderate Unreviewed
CVE-2020-0023 was published May 24, 2022
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15... Moderate Unreviewed
CVE-2020-0508 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database