Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Loading
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a... High Unreviewed
CVE-2021-0333 was published May 24, 2022
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack... High Unreviewed
CVE-2021-0331 was published May 24, 2022
In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed... High Unreviewed
CVE-2021-0314 was published May 24, 2022
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed
CVE-2021-0305 was published May 24, 2022
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed
CVE-2021-0302 was published May 24, 2022
In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the... High Unreviewed
CVE-2021-0315 was published May 24, 2022
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains... High Unreviewed
CVE-2020-7705 was published May 24, 2022
In functionality implemented in System UI, there are insufficient protections implemented around... High Unreviewed
CVE-2018-9524 was published May 13, 2022
In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible... High Unreviewed
CVE-2018-9458 was published May 13, 2022
In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might... High Unreviewed
CVE-2018-7491 was published May 13, 2022
When the RSS Feed preview about:feeds page is framed within another page, it can be used in... High Unreviewed
CVE-2018-18496 was published May 13, 2022
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick... High Unreviewed
CVE-2021-39796 was published Apr 13, 2022
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the... High Unreviewed
CVE-2021-44683 was published Mar 27, 2022
In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to... High Unreviewed
CVE-2021-39702 was published Mar 17, 2022
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile... High Unreviewed
CVE-2021-39692 was published Mar 17, 2022
In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about... High Unreviewed
CVE-2021-39669 was published Feb 12, 2022
A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could... High Unreviewed
CVE-2022-22807 was published Feb 11, 2022
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1036 was published Jan 15, 2022
In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3... High Unreviewed
CVE-2021-34087 was published Jan 11, 2022
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay... High Unreviewed
CVE-2021-0954 was published Dec 16, 2021
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in... High Unreviewed
CVE-2021-0963 was published Dec 16, 2021
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB... High Unreviewed
CVE-2021-1016 was published Dec 16, 2021
In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking... High Unreviewed
CVE-2021-1039 was published Dec 16, 2021
In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a... High Unreviewed
CVE-2021-1040 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database