Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
738
pip
3,959
Pub
12
RubyGems
946
Rust
1,027
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,336 advisories

Loading
In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to... Low Unreviewed
CVE-2020-0107 was published May 24, 2022
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a... Low Unreviewed
CVE-2020-0135 was published May 24, 2022
In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user... Moderate Unreviewed
CVE-2020-0116 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8903 was published May 24, 2022
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed... Moderate Unreviewed
CVE-2020-6497 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed... Moderate Unreviewed
CVE-2020-6495 was published May 24, 2022
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed... Moderate Unreviewed
CVE-2020-6498 was published May 24, 2022
I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file... High Unreviewed
CVE-2020-13431 was published May 24, 2022
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a... Low Unreviewed
CVE-2020-6480 was published May 24, 2022
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507... Moderate Unreviewed
CVE-2020-8933 was published May 24, 2022
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6487 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6471 was published May 24, 2022
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic... Low Unreviewed
CVE-2020-0121 was published May 24, 2022
A permissions issue existed. This issue was addressed with improved permission validation. This... High Unreviewed
CVE-2020-9817 was published May 24, 2022
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local... High Unreviewed
CVE-2020-13866 was published May 24, 2022
The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission... Moderate Unreviewed
CVE-2020-5355 was published Oct 21, 2022
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an... Moderate Unreviewed
CVE-2020-6476 was published May 24, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6482 was published May 24, 2022
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a... Moderate Unreviewed
CVE-2020-6483 was published May 24, 2022
Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to... Moderate Unreviewed
CVE-2019-4001 was published May 24, 2022
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for... Moderate Unreviewed
CVE-2020-15852 was published May 24, 2022
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system Moderate
CVE-2021-3917 was published for coreos-installer (Rust) Nov 8, 2021
xlejo
Adobe Genuine Integrity Service versions Version 6.4 and earlier have an insecure file... High Unreviewed
CVE-2020-3766 was published May 24, 2022
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15... Moderate Unreviewed
CVE-2020-0508 was published May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and... High Unreviewed
CVE-2020-3838 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database