Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Loading
In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to... High Unreviewed
CVE-2021-39702 was published Mar 17, 2022
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile... High Unreviewed
CVE-2021-39692 was published Mar 17, 2022
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the... High Unreviewed
CVE-2021-44683 was published Mar 27, 2022
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick... High Unreviewed
CVE-2021-39796 was published Apr 13, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when... High Unreviewed
CVE-2021-39691 was published Jun 16, 2022
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a... High Unreviewed
CVE-2022-20212 was published Jul 14, 2022
In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to... High Unreviewed
CVE-2022-20520 was published Dec 20, 2022
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a... High Unreviewed
CVE-2021-0333 was published May 24, 2022
In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the... High Unreviewed
CVE-2021-0315 was published May 24, 2022
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack... High Unreviewed
CVE-2021-0331 was published May 24, 2022
In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed... High Unreviewed
CVE-2021-0314 was published May 24, 2022
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed
CVE-2021-0305 was published May 24, 2022
In the Framework, there is a possible way to enable a work profile without user consent due to a... High Unreviewed
CVE-2022-20331 was published Aug 13, 2022
When accepting a malicious intent from other installed apps, Firefox for Android accepted... High Unreviewed
CVE-2021-23976 was published May 24, 2022
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed more... High Unreviewed
CVE-2021-22866 was published May 24, 2022
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This... High Unreviewed
CVE-2021-0302 was published May 24, 2022
In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning... High Unreviewed
CVE-2021-0523 was published May 24, 2022
In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due... High Unreviewed
CVE-2021-0506 was published May 24, 2022
In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0... High Unreviewed
CVE-2021-0537 was published May 24, 2022
In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency... High Unreviewed
CVE-2021-0538 was published May 24, 2022
In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an... High Unreviewed
CVE-2021-0586 was published May 24, 2022
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a... High Unreviewed
CVE-2022-20442 was published Dec 13, 2022
In the user interface buttons of PermissionController, there is a possible way to bypass... High Unreviewed
CVE-2021-39617 was published Dec 13, 2022
In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due... High Unreviewed
CVE-2022-20444 was published Dec 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database