Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
Authenticated Privilege Escalation Low
GHSA-5q58-x5h2-v5rx was published for shopware/core (Composer) Dec 21, 2020
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine... Low Unreviewed
CVE-2021-1034 was published Dec 16, 2021
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed
CVE-2020-35501 was published Mar 31, 2022
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging... Low Unreviewed
CVE-2021-29671 was published May 24, 2022
Bootloader contains a vulnerability in access permission settings where unauthorized software may... Low Unreviewed
CVE-2021-34396 was published May 24, 2022
Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O... Low Unreviewed
CVE-2021-25439 was published May 24, 2022
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker... Low Unreviewed
CVE-2021-32002 was published May 24, 2022
Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a... Low Unreviewed
CVE-2021-35465 was published May 24, 2022
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed
CVE-2021-25409 was published May 24, 2022
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an... Low Unreviewed
CVE-2021-3049 was published May 24, 2022
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0)... Low Unreviewed
CVE-2021-25403 was published May 24, 2022
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to... Low Unreviewed
CVE-2021-25501 was published May 24, 2022
An issue has been discovered in GitLab EE affecting all versions starting from 12.2 prior to 14... Low Unreviewed
CVE-2022-1981 was published Jul 2, 2022
IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0... Low Unreviewed
CVE-2022-22326 was published Aug 2, 2022
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local... Low Unreviewed
CVE-2022-39903 was published Dec 8, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T... Low Unreviewed
CVE-2022-39913 was published Dec 8, 2022
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung... Low Unreviewed
CVE-2022-39914 was published Dec 8, 2022
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through... Low Unreviewed
CVE-2020-5197 was published May 24, 2022
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0... Low Unreviewed
CVE-2020-1882 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1791 was published May 24, 2022
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to... Low Unreviewed
CVE-2020-0047 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3... Low Unreviewed
CVE-2020-3844 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1807 was published May 24, 2022
An improper authorization in the receiver component of the Android Suite Daemon.Product:... Low Unreviewed
CVE-2020-0065 was published May 24, 2022
An improper authorization in the receiver component of Email.Product: AndroidVersions: Android... Low Unreviewed
CVE-2020-0090 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API