Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

446 advisories

Loading
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15... Moderate Unreviewed
CVE-2020-0508 was published May 24, 2022
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system Moderate
CVE-2021-3917 was published for coreos-installer (Rust) Nov 8, 2021
xlejo
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for... Moderate Unreviewed
CVE-2020-15852 was published May 24, 2022
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to... Moderate Unreviewed
CVE-2019-4001 was published May 24, 2022
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6483 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6482 was published May 24, 2022
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an... Moderate Unreviewed
CVE-2020-6476 was published May 24, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission... Moderate Unreviewed
CVE-2020-5355 was published Oct 21, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8933 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6487 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6471 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8903 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed... Moderate Unreviewed
CVE-2020-6495 was published May 24, 2022
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed... Moderate Unreviewed
CVE-2020-6498 was published May 24, 2022
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed... Moderate Unreviewed
CVE-2020-6497 was published May 24, 2022
In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user... Moderate Unreviewed
CVE-2020-0116 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8907 was published May 24, 2022
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote... Moderate Unreviewed
CVE-2020-6527 was published May 24, 2022
In Java network APIs, there is possible access to sensitive network state due to a missing... Moderate Unreviewed
CVE-2020-0293 was published May 24, 2022
In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0426 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0276 was published May 24, 2022
In Telephony, there is a possible permission bypass due to a missing permission check. This could... Moderate Unreviewed
CVE-2020-0284 was published May 24, 2022
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0307 was published May 24, 2022
In Telephony, there is a missing permission check. This could lead to local information... Moderate Unreviewed
CVE-2020-0316 was published May 24, 2022
In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0315 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database