Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+

83 advisories

Loading
Privilege escalation by backend users assigned to the default "Publisher" system role Low
CVE-2020-15248 was published for october/backend (Composer) Nov 23, 2020
Authenticated Privilege Escalation Low
GHSA-5q58-x5h2-v5rx was published for shopware/core (Composer) Dec 21, 2020
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine... Low Unreviewed
CVE-2021-1034 was published Dec 16, 2021
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to... Low Unreviewed
CVE-2022-22272 was published Jan 11, 2022
Insufficient user authorization in Moodle Low
CVE-2022-0333 was published for moodle/moodle (Composer) Jan 28, 2022
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China... Low Unreviewed
CVE-2022-24923 was published Feb 12, 2022
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed
CVE-2020-35501 was published Mar 31, 2022
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local... Low Unreviewed
CVE-2022-28777 was published Apr 12, 2022
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0... Low Unreviewed
CVE-2022-28778 was published Apr 12, 2022
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker... Low Unreviewed
CVE-2022-28775 was published Apr 12, 2022
A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an... Low Unreviewed
CVE-2019-1667 was published May 13, 2022
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth... Low Unreviewed
CVE-2018-10910 was published May 13, 2022
Huawei smartphones with software Victoria-AL00 8.0.0.336a(C00) have an information leakage... Low Unreviewed
CVE-2018-7957 was published May 13, 2022
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through... Low Unreviewed
CVE-2020-5197 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1791 was published May 24, 2022
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0... Low Unreviewed
CVE-2020-1882 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3... Low Unreviewed
CVE-2020-3844 was published May 24, 2022
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to... Low Unreviewed
CVE-2020-0047 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1807 was published May 24, 2022
An improper authorization while processing the provisioning data.Product: AndroidVersions:... Low Unreviewed
CVE-2020-0064 was published May 24, 2022
An improper authorization in the receiver component of the Android Suite Daemon.Product:... Low Unreviewed
CVE-2020-0065 was published May 24, 2022
An improper authorization in the receiver component of Email.Product: AndroidVersions: Android... Low Unreviewed
CVE-2020-0090 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1797 was published May 24, 2022
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does... Low Unreviewed
CVE-2020-13696 was published May 24, 2022
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly... Low Unreviewed
CVE-2020-16241 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API