Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

475 advisories

Loading
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system Moderate
CVE-2021-3917 was published for coreos-installer (Rust) Nov 8, 2021
xlejo
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for... Moderate Unreviewed
CVE-2020-15852 was published May 24, 2022
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to... Moderate Unreviewed
CVE-2019-4001 was published May 24, 2022
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6483 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6482 was published May 24, 2022
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an... Moderate Unreviewed
CVE-2020-6476 was published May 24, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission... Moderate Unreviewed
CVE-2020-5355 was published Oct 21, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8933 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6487 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6471 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8903 was published May 24, 2022
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed... Moderate Unreviewed
CVE-2020-6497 was published May 24, 2022
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed... Moderate Unreviewed
CVE-2020-6498 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed... Moderate Unreviewed
CVE-2020-6495 was published May 24, 2022
In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user... Moderate Unreviewed
CVE-2020-0116 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8907 was published May 24, 2022
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote... Moderate Unreviewed
CVE-2020-6527 was published May 24, 2022
In Java network APIs, there is possible access to sensitive network state due to a missing... Moderate Unreviewed
CVE-2020-0293 was published May 24, 2022
In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0426 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0276 was published May 24, 2022
In ADB server and USB server, there is a possible permission bypass due to an unsafe... Moderate Unreviewed
CVE-2020-0296 was published May 24, 2022
In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2020-0297 was published May 24, 2022
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0307 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0284 was published May 24, 2022
In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0315 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database