Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

77 advisories

Loading
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-4ph2-8337-hm62 was published for dynamodb-encryption-sdk (pip) Feb 8, 2021
Bypass of fix for CVE-2020-15247, Twig sandbox escape Low
CVE-2020-26231 was published for october/cms (Composer) Nov 23, 2020
ka1n4t
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-w736-hf9p-qqh3 was published for com.amazonaws:aws-dynamodb-encryption-java (Maven) Feb 8, 2021
Generation of fake documents via public GET-call Low
GHSA-jvg4-9rc2-wvcr was published for shopware/platform (Composer) Feb 10, 2021
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed
CVE-2021-25409 was published May 24, 2022
In SELinux policy, there is a possible way of inferring which websites are being opened in the... Low Unreviewed
CVE-2022-20340 was published Aug 13, 2022
In Settings, there is a possible installed application disclosure due to a missing permission... Low Unreviewed
CVE-2022-20336 was published Aug 13, 2022
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel... Low Unreviewed
CVE-2019-17055 was published May 24, 2022
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been... Low Unreviewed
CVE-2022-20335 was published Aug 13, 2022
A flaw was discovered in ibus that allows any unprivileged user to monitor and send method calls... Low Unreviewed
CVE-2019-14822 was published May 24, 2022
In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure... Low Unreviewed
CVE-2022-20519 was published Dec 20, 2022
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the... Low Unreviewed
CVE-2022-20533 was published Dec 20, 2022
In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for... Low Unreviewed
CVE-2022-20556 was published Dec 20, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iTunes for... Low Unreviewed
CVE-2020-3861 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is... Low Unreviewed
CVE-2020-11601 was published May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and... Low Unreviewed
CVE-2020-3891 was published May 24, 2022
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement,... Low Unreviewed
CVE-2020-11470 was published May 24, 2022
Any Flarum user including unactivated can reply in public discussions whose first post was permanently deleted Low
CVE-2023-22489 was published for flarum/core (Composer) Jan 10, 2023
clarkwinkelmann
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF... Low Unreviewed
CVE-2022-4102 was published Jan 10, 2023
Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within... Low Unreviewed
CVE-2020-25824 was published May 24, 2022
The issue was addressed with improved validation when an iCloud Link is created. This issue is... Low Unreviewed
CVE-2019-8857 was published May 24, 2022
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610. It has been classified... Low Unreviewed
CVE-2022-2841 was published Aug 23, 2022
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with... Low Unreviewed
CVE-2021-1755 was published May 24, 2022
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID,... Low Unreviewed
CVE-2021-25755 was published May 24, 2022
In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized... Low Unreviewed
CVE-2021-33031 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database