Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

52 advisories

Loading
Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1... Low Unreviewed
CVE-2022-30753 was published Jul 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20310 was published Aug 13, 2022
In ActivityManager, there is a possible disclosure of installed packages due to a missing... Low Unreviewed
CVE-2022-20315 was published Aug 13, 2022
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise... Low Unreviewed
CVE-2021-25317 was published May 24, 2022
In ContentService, there is a possible disclosure of available account types due to a missing... Low Unreviewed
CVE-2022-20305 was published Aug 13, 2022
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a... Low Unreviewed
CVE-2022-20311 was published Aug 13, 2022
In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a... Low Unreviewed
CVE-2020-0009 was published May 24, 2022
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2... Low Unreviewed
CVE-2019-17052 was published May 24, 2022
Improper permission or value checking in the CLI console may allow a non-privileged user to... Low Unreviewed
CVE-2019-5593 was published May 24, 2022
In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic... Low Unreviewed
CVE-2020-0121 was published May 24, 2022
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a... Low Unreviewed
CVE-2020-6480 was published May 24, 2022
In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a... Low Unreviewed
CVE-2020-0135 was published May 24, 2022
In getUiccCardsInfo of PhoneInterfaceManager.java, there is a possible permissions bypass due to... Low Unreviewed
CVE-2020-0107 was published May 24, 2022
SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem... Low Unreviewed
CVE-2020-26807 was published May 24, 2022
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check.... Low Unreviewed
CVE-2020-0412 was published May 24, 2022
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After... Low Unreviewed
CVE-2020-11867 was published May 24, 2022
In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of... Low Unreviewed
CVE-2020-0459 was published May 24, 2022
In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission... Low Unreviewed
CVE-2020-27057 was published May 24, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2019-8777 was published May 24, 2022
In SELinux policies of mls, there is a missing permission check. This could lead to local... Low Unreviewed
CVE-2020-27056 was published May 24, 2022
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP... Low Unreviewed
CVE-2021-25359 was published May 24, 2022
Trusty TLK contains a vulnerability in its access permission settings where it does not properly... Low Unreviewed
CVE-2021-34395 was published May 24, 2022
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a... Low Unreviewed
CVE-2022-20327 was published Aug 13, 2022
In PackageManager, there is a possible way to determine whether an app is installed due to a... Low Unreviewed
CVE-2022-20328 was published Aug 13, 2022
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed
CVE-2022-20240 was published Dec 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database