Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
738
pip
3,959
Pub
12
RubyGems
946
Rust
1,027
Swift
39
Unreviewed advisories
All unreviewed
5,000+

508 advisories

Loading
In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission... Moderate Unreviewed
CVE-2020-27053 was published May 24, 2022
In postNotification of ServiceRecord.java, there is a possible permission bypass due to an unsafe... Moderate Unreviewed
CVE-2020-27039 was published May 24, 2022
In listen() and related functions of TelephonyRegistry.java, there is a possible permissions... Moderate Unreviewed
CVE-2020-0468 was published May 24, 2022
Insufficient permission checks in scheduled pipeline API in GitLab CE/EE 13.0+ allows an attacker... Moderate Unreviewed
CVE-2020-13351 was published May 24, 2022
SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass existing... Moderate Unreviewed
CVE-2020-26809 was published May 24, 2022
Incorrect default permissions in the Intel(R) DSA before version 20.8.30.6 may allow an... Moderate Unreviewed
CVE-2020-24460 was published May 24, 2022
Magento incorrect permissions vulnerability in the Integrations component Moderate
CVE-2020-24402 was published for magento/community-edition (Composer) May 24, 2022
In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to... Moderate Unreviewed
CVE-2020-0453 was published May 24, 2022
In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a... Moderate Unreviewed
CVE-2020-0437 was published May 24, 2022
In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a... Moderate Unreviewed
CVE-2020-0448 was published May 24, 2022
The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote... Moderate Unreviewed
CVE-2020-28041 was published May 24, 2022
An issue was discovered in REDCap 8.11.6 through 9.x before 10. The messenger's CSV feature (that... Moderate Unreviewed
CVE-2020-27358 was published May 24, 2022
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with... Moderate Unreviewed
CVE-2019-14718 was published May 24, 2022
In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, there is a possible non... Moderate Unreviewed
CVE-2020-0414 was published May 24, 2022
In setNotification of SapServer.java, there is a possible permission bypass due to a... Moderate Unreviewed
CVE-2020-0410 was published May 24, 2022
In various locations in SystemUI, there is a possible permission bypass due to an unsafe... Moderate Unreviewed
CVE-2020-0415 was published May 24, 2022
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel... Moderate Unreviewed
CVE-2020-26088 was published May 24, 2022
In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0426 was published May 24, 2022
In NetworkStatsService, there is a possible access to protected data due to a missing permission... Moderate Unreviewed
CVE-2020-0343 was published May 24, 2022
In UsageStatsManager, there is a possible access to protected data due to a missing permission... Moderate Unreviewed
CVE-2020-0317 was published May 24, 2022
In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0315 was published May 24, 2022
In Telephony, there is a missing permission check. This could lead to local information... Moderate Unreviewed
CVE-2020-0316 was published May 24, 2022
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0310 was published May 24, 2022
In Battery Saver, there is a possible permission bypass due to an unsafe PendingIntent. This... Moderate Unreviewed
CVE-2020-0312 was published May 24, 2022
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could... Moderate Unreviewed
CVE-2020-0304 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database