Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,518
Maven
5,000+
npm
4,156
NuGet
736
pip
3,955
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

66 advisories

Loading
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20310 was published Aug 13, 2022
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a... Low Unreviewed
CVE-2022-20327 was published Aug 13, 2022
In ContentService, there is a possible disclosure of available account types due to a missing... Low Unreviewed
CVE-2022-20305 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20311 was published Aug 13, 2022
In bluetooth, there is a possible way to enable or disable bluetooth connection without user... Low Unreviewed
CVE-2022-20267 was published Aug 13, 2022
In LocationManager, there is a possible way to get location information due to a missing... Low Unreviewed
CVE-2022-20261 was published Aug 13, 2022
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected... Low Unreviewed
CVE-2022-20358 was published Aug 11, 2022
In various methods of NotificationManagerService.java, there is a possible way to view... Low Unreviewed
CVE-2022-20359 was published Aug 11, 2022
Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1... Low Unreviewed
CVE-2022-30753 was published Jul 13, 2022
Octokit gem published with world-writable files Low
CVE-2022-31072 was published for octokit (RubyGems) Jun 15, 2022
Octopoller gem published with world-writable files Low
CVE-2022-31071 was published for octopoller (RubyGems) Jun 15, 2022
Trusty TLK contains a vulnerability in its access permission settings where it does not properly... Low Unreviewed
CVE-2021-34395 was published May 24, 2022
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise... Low Unreviewed
CVE-2021-25317 was published May 24, 2022
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1... Low Unreviewed
CVE-2021-25358 was published May 24, 2022
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP... Low Unreviewed
CVE-2021-25359 was published May 24, 2022
In SELinux policies of mls, there is a missing permission check. This could lead to local... Low Unreviewed
CVE-2020-27056 was published May 24, 2022
In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission... Low Unreviewed
CVE-2020-27057 was published May 24, 2022
In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of... Low Unreviewed
CVE-2020-0459 was published May 24, 2022
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After... Low Unreviewed
CVE-2020-11867 was published May 24, 2022
SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem... Low Unreviewed
CVE-2020-26807 was published May 24, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2019-8777 was published May 24, 2022
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check.... Low Unreviewed
CVE-2020-0412 was published May 24, 2022
In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to... Low Unreviewed
CVE-2020-0107 was published May 24, 2022
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a... Low Unreviewed
CVE-2020-0135 was published May 24, 2022
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic... Low Unreviewed
CVE-2020-0121 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database