GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
119 advisories
Filter by severity
In onReceive of AppRestrictionsFragment.java, there is a possible way to start a phone call...
High
Unreviewed
CVE-2021-39707
was published
Mar 17, 2022
In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to...
High
Unreviewed
CVE-2021-39703
was published
Mar 17, 2022
In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could...
High
Unreviewed
CVE-2021-39787
was published
Mar 31, 2022
In Gallery, there is a possible permission bypass due to a confused deputy. This could lead to...
Moderate
Unreviewed
CVE-2021-39765
was published
Mar 31, 2022
A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified...
High
Unreviewed
CVE-2022-20789
was published
Apr 22, 2022
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name...
High
Unreviewed
CVE-2022-24241
was published
Jun 3, 2022
A vulnerability, which was classified as critical, was found in soshtolsus wing-tight. This...
Critical
Unreviewed
CVE-2014-125044
was published
Jan 5, 2023
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to...
High
Unreviewed
CVE-2022-20223
was published
Jul 14, 2022
Honeywell Alerton Compass Software 1.6.5 allows unauthenticated configuration changes from remote...
Moderate
Unreviewed
CVE-2022-30245
was published
Jul 16, 2022
A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50....
Moderate
Unreviewed
CVE-2015-10003
was published
Jul 18, 2022
WordPress Plugin mb.miniAudioPlayer-an HTML5 audio player for your mp3 files is prone to multiple...
High
Unreviewed
CVE-2016-0796
was published
Jul 29, 2022
ws-scrcpy is vulnerable to External Control of File Name or Path
High
Unreviewed
CVE-2021-3845
was published
Jan 5, 2022
In AOSP Email, there is a possible information disclosure due to a confused deputy. This could...
Low
Unreviewed
CVE-2019-9440
was published
May 24, 2022
In the Package Manager service, there is a possible information disclosure due to a confused...
Low
Unreviewed
CVE-2019-9438
was published
May 24, 2022
In the Activity Manager service, there is a possible information disclosure due to a confused...
Low
Unreviewed
CVE-2019-9292
was published
May 24, 2022
This external control of file name or path vulnerability allows remote attackers to access or...
High
Unreviewed
CVE-2019-7195
was published
May 24, 2022
This external control of file name or path vulnerability allows remote attackers to access or...
High
Unreviewed
CVE-2019-7194
was published
May 24, 2022
In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a...
Moderate
Unreviewed
CVE-2022-20199
was published
Dec 20, 2022
In AccountManager, there is a possible bypass of a permissions check due to a confused deputy....
Moderate
Unreviewed
CVE-2020-0338
was published
May 24, 2022
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6...
Moderate
Unreviewed
CVE-2022-28710
was published
Aug 23, 2022
In MediaProvider, there is a possible bypass of a permissions check due to a confused deputy....
Moderate
Unreviewed
CVE-2020-0337
was published
May 24, 2022
An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs...
High
Unreviewed
CVE-2020-6105
was published
May 24, 2022
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area),...
Critical
Unreviewed
CVE-2022-20239
was published
Aug 11, 2022
An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to...
High
Unreviewed
CVE-2021-27183
was published
May 24, 2022
Externally controlled reference to a resource in another sphere in quarantine functionality in...
High
Unreviewed
CVE-2021-27648
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API